|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Katrina Network Damage Report
On Mon, 12 Sep 2005 12:26:03 EDT, "Howard, W. Lee" said: > Maybe I missed an intermediate post or two, but is the assertion > here that IPv6 is more secure because it's impractical to scan such > a large number of possible host IP addresses? Sort of like zebra > camouflage--it's easy to see the herd, but hard to see a single > zebra. > > There may be other ways to find a host address than random botting. > Phishing, perhaps. The good news here is that although there's "neighbor discovery protocols" that let you find the other zebras on the subnet, they only work if you're already riding a zebra in the herd. If you're riding a giraffe or hippo, or a zebra from another herd, you still can't see the zebras. Now if we could just do some genetic engineering to cull this mutation that causes zebras to spontaneously sprout big neon "Ride Me" signs..... (In other words, yes - we *will* see a shift in tactics from "random scanning" to "find a vulnerable host on the subnet, and use it to enumerate the other hosts". I predict that web bugs and spam variants will be the method of choice for finding that first host.....) Attachment:
pgp00017.pgp
|