On Tue, 18 Dec 2007 12:14:52 +0100 Iljitsch van Beijnum <iljitsch@muada.com> wrote:
On 18 dec 2007, at 6:37, Steven M. Bellovin wrote:
In a slightly more realistic vein, a huge address space makes life harder for scanning worms. As Angelos Keromytis, Bill Cheswick, and I have pointed out, "harder" is by no means equivalent to "impossible", but the myth, new as it is, still propagates.
I'd say that the huge address space makes life impossible for scanning worms.
Right, by simple arithmetic.
That doesn't mean that there can be no successful scanning at all with IPv6, but it needs to be highly targeted if you want results the same year, so just pumping random numbers in the destination address field like SQL slammer did so successfully doesn't cut it in IPv6.
See http://www.cs.columbia.edu/~smb/papers/v6worms.pdf --Steve Bellovin, http://www.cs.columbia.edu/~smb