Nmap Development mailing list archives
nmap scanning of IPv6 hosts
From: Craig Miller <cvmiller () gmail com>
Date: Wed, 30 Dec 2015 08:55:59 -0800
Hello nmap devs,I have been experimenting with nmap 7.01 and scanning IPv6 hosts on my network. I have found the following:
1. Although scanning uses the solicited node multicast address, which reduces a /64 network from 2^64 addresses to 2^24, it still takes about a week to scan a single /64 network 2. IPv6 uses temporary addresses (RFC 4941) which typically only last 24 hours. Which means by the time nmap scanner finds an address, it will more than likely have changed. 3. Using the all nodes multicast address ff02::1 is much more efficient at node discovery in IPv6. I see that a nmap script targets-ipv6-multicast-mld.nse has already been written to take advantage of this. 4. I have also taken advantage of the all_nodes method and written a shell script to drive nmap https://github.com/cvmiller/v6discOf course the ff02::1 is not without draw backs. The nmap scanning host must be on the same /64 network as the targets.
It would be nice if nmap supported the MLD/ff02::1 approach natively, as the brute force method is not really practical for IPv6. I am hoping to start a discussion in order to further improve nmap.
TIA Craig...
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap scanning of IPv6 hosts Craig Miller (Dec 30)
- Re: nmap scanning of IPv6 hosts David Fifield (Dec 30)
- Re: nmap scanning of IPv6 hosts Craig Miller (Dec 31)
- Re: nmap scanning of IPv6 hosts David Fifield (Dec 31)
- Re: nmap scanning of IPv6 hosts Craig Miller (Dec 31)
- Re: nmap scanning of IPv6 hosts Daniel Miller (Dec 31)
- Re: nmap scanning of IPv6 hosts Craig Miller (Dec 31)
- Re: nmap scanning of IPv6 hosts David Fifield (Dec 30)