Jeroen Massar wrote:
Gadi Evron wrote:
Other solution: disable IPv4 SSH and enable the IPv6 one, no scanning on that plane ;)
Yet.
Enjoy scanning, even I and I guess the rest of this list will be long time retired and sipping pina coladas and other good stuff (hot chocolate milk with whipcream and baileys anyone? :) in hawaii or some other heavenly place the day that the hardware and pipes are available to scan a single /64 efficiently.
It's easier & faster to google or use logs* for working hosts ;)
Greets, Jeroen
* = maybe RFC3041 does have a use as that makes these IP's 'random' and thus sort of useless unless one attacks directly...
Not to start a huge pointless discussion, but I have a few thoughts on this: You don't have to scan an entire /64 ( :) ). You can sniff network traffic and see what IP addresses you see, then scan only close ranges to those. You can create a DB or download one, with addresses of known used spaces. You can throw out thousands of random packets, finding used spaces. You can do a lot of things, some smarter and mathematical, others just sensible. If I could come up with 3 silly solutions in 2 seconds, I bet the Bad Guys will do far better when the time comes, if it ever does. I am of a mind that we need IPv-NEXT-ONE (or whatever) to deal with actual problems before we undertake IPv6, but that's just an opinion and therefore completely wrong. Don't count any of today's trouble out.. even if we all did use IPv6. Besides, with IPv6 it is my understanding we will have far larger issues to contend with. Gadi.