Hi, On Mon, Jul 21, 2014 at 12:18:46AM -0700, David Lang wrote: > While it is nice to say that IPv6 has a large address space and so nobody > will ever scan it, I don't believe it.
Don't believe. Try math. 2^64 is big enough that if you manage to send
a few 1000 packets a second, you'll need up to the heat death of the
universe to scan a single /64 subnet...
(Of course this can be optimized if you're targeting very specific
devices and "only" need to scan 2^24 potential EUI64 addresses in
a given vendor's MAC range - but that's not your Joe Random attacker.
If someone is that determined, he'll just target your PC first, and
jump from there to the devices on your LAN. Way easier in general)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgp9RQ4rBklXV.pgp
Description: PGP signature
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
