On Jan 7, 2011, at 1:20 AM, Owen DeLong wrote:
You are mistaken... Host scanning followed by port sweeps is a very common threat and still widely practiced in IPv4.
I know it's common and widely-practiced. My point is that if the host is security properly, this doesn't matter; and that if it isn't secured properly, it's going to be found via hinted scanning and exploited, anyways.
And there are ways to mitigate ND attacks as well.
As has been pointed out elsewhere in this thread, not to the degree of control and certainty needed in production environments.
Sparse addressing is a win for much more than just rendering scanning useless, but, making scanning useless is still a win.
Since it doesn't make scanning useless (again, hinted scanning), that 'win' is gone. How else is it supposedly a win? ------------------------------------------------------------------------ Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com> Most software today is very much like an Egyptian pyramid, with millions of bricks piled on top of each other, with no structural integrity, but just done by brute force and thousands of slaves. -- Alan Kay