North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: IPv6 Advertisements

  • From: Donald Stahl
  • Date: Wed May 30 10:33:25 2007


I would call that not understanding today's security world. "Scanning"
is not the primary mode of looking for vulnerabilities today. There are
several more effective "come here and get infected" and "click on this
attachment and get infected" techniques.
I'm well aware of the modern security problems. All I said was:
"There is something to be said for not being able to blindly spew worm
traffic and still expect to get a sensible hit ratio as with IPv4."
and I stand behind that statement.

What scanning that does go on today usually not the "lets scan the
Internet." No money in it. You target your scans to the address ranges
of the sites you are trying to mine (i.e. build BOTNETs) or go after.
I'm not sure I understand what you are saying- if you number based on hardware addresses then I have no idea what you mean by "address ranges." The hosts you are trying to compromise could be anywhere in the subnet- that's the 3500 years I was referring to above. That's 3500 years to scan a single /64 subnet- not the entire Internet- not even a tiny little fraction of it.

The problem will be people putting all their ducks in a row, so to speak.

-Don