For anyone who can answer my curiosity,
I attended an IPv6 conference hosted at Charleston, SC last fall and heard Robert Kahn talk about using the available IPv6 address space to address services individually. I understand this to mean:
Example: Server A with ftp, telnet, smtp, http
IPv4 Server A
192.168.1.1:21 ftp
192.168.1.1:23 telnet
192.168.1.1:25 smtp
192.168.1.1:80 http
IPv6 Server A
[3ffe::215:554:ad2:111a]:21 ftp
[3ffe::215:554:ad2:211a]:23 telnet
[3ffe::215:554:ad2:311a]:25 smtp
[3ffe::215:554:ad2:411a]:80 http
We see very good security implications. Specifically, identifying host OS and vulnerabilities would be difficult if an attacker did not know what multiple services were running on a given host.
I could not find any references that any OSes are implementing this today. Is Microsoft, BSD, Linux, Solaris, or any other OS allowing configuration of services in this manner?
tia
Dale
DALE G SESVOLD
Senior Network Engineer
MacAulay-Brown, Inc
JIOC/J61, Vulnerability Assessments
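
As an added example (not part of the original post): a short Python inventory check that parses the two listings above, reports which services each address exposes, and measures how many leading bits the per-service IPv6 addresses have in common. The function names are hypothetical; the addresses are the poster's own examples.

```python
import ipaddress
from collections import defaultdict

# Listing copied from the post above; the addresses are the poster's examples.
LISTING = """\
192.168.1.1:21 ftp
192.168.1.1:23 telnet
192.168.1.1:25 smtp
192.168.1.1:80 http
[3ffe::215:554:ad2:111a]:21 ftp
[3ffe::215:554:ad2:211a]:23 telnet
[3ffe::215:554:ad2:311a]:25 smtp
[3ffe::215:554:ad2:411a]:80 http
"""

def parse_binding(line):
    """Split 'addr:port service' or '[addr]:port service' into (ip, port, service)."""
    endpoint, service = line.split()
    host, _, port = endpoint.rpartition(":")  # last colon separates the port
    ip = ipaddress.ip_address(host.strip("[]"))
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {line!r}")
    return ip, port, service

def services_per_address(lines):
    """Map each address to the (port, service) pairs reachable on it."""
    exposed = defaultdict(list)
    for line in lines:
        if line.strip():
            ip, port, service = parse_binding(line)
            exposed[ip].append((port, service))
    return dict(exposed)

def shared_prefix_bits(addresses):
    """Number of leading bits common to all addresses (one IP version only)."""
    addrs = list(addresses)
    if not addrs or len({a.version for a in addrs}) != 1:
        raise ValueError("need at least one address, all of one IP version")
    # Every value between min and max shares the prefix that min and max share.
    diff = int(min(addrs)) ^ int(max(addrs))
    return addrs[0].max_prefixlen - diff.bit_length()

if __name__ == "__main__":
    exposed = services_per_address(LISTING.splitlines())
    for ip, services in exposed.items():
        print(ip, [name for _, name in services])
    v6 = [ip for ip in exposed if ip.version == 6]
    print("IPv6 service addresses share", shared_prefix_bits(v6), "leading bits")
```

On the post's data the single IPv4 address carries all four services and each IPv6 address carries one, while the four IPv6 addresses agree in their first 113 bits.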
