Re: [OPSEC] Mail regarding draft-gont-opsec-ipv6-host-scanning

Gert Doering <gert@space.net> Fri, 09 November 2012 13:52 UTC

Hi,

On Mon, Nov 05, 2012 at 09:53:35PM -0500, Rama Darbha wrote:
> When I first read this, I immediately agreed that performing a
> brute-force attack on a /64 network would be infeasible. But then I
> started to reflect on why it would be so infeasible? Computers are
> getting faster, and NICs have more capacity, so their ability to create
> faster mappings scales in relation. Do we have current research numbers
> to state how long it takes to do a brute force scan of a /64? 

Basic math.  If you can send 1000 packets/sec without being noticed,
scanning 2^64 addresses will take about 584942417 *years*.

If you can send a million packets/sec, it will only take 584942 years,
though...

Gert Doering
        -- NetMaster
-- 
have you enabled IPv6 on something today...?

SpaceNet AG                        Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14          Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen                   HRB: 136055 (AG Muenchen)
Tel: +49 (89) 32356-444            USt-IdNr.: DE813185279