nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: AWS Elastic IP architecture

From: Matthew Kaufman <matthew () matthew at>
Date: Tue, 2 Jun 2015 09:35:11 -0700
Ah, the "IPv6 subnets are so big you can't find the hosts" myth.

Let's see... to find which hosts are active in IPv6 I can:
- run a popular web service that people connect to, revealing their addresses
- run a DNS server that lots of folks directly use (see Google)
- use the back door login your router vendor provided and ask
- query your unsecured public SNMP and ask
- get you to install software that sends back a list of what's on your subnet
- make educated guesses about your non-privacy IP addresses based on the MAC address ranges of popular hardware that is 
available in stores this year to reduce the search space to a manageable size
- hack the site where you get automatic updates from and use its logs

That's just off the top of my head

Matthew Kaufman

(Sent from my iPhone)


On Jun 2, 2015, at 9:21 AM, Nikolay Shopik <shopik () inblock ru> wrote:

Tell me how do you plan find printer in /64 subnet, scan it?


On 02.06.2015 18:08, Matthew Kaufman wrote:

I can't run my laser printer without a firewall in front of it, and I
can't even guess how secure the controller in the septic system pump box
might be... so I don't risk it. And I *know* that some of the webcams I
have are vulnerable and have no updates available.
Previous By Date Next
Previous By Thread Next

Current thread: