Gert,
Good point. Now that you explain it, my concerns below sound irrelevant.
Thanks!
- Rama
On 11/9/12 8:52 AM, Gert Doering wrote:
Hi,
On Mon, Nov 05, 2012 at 09:53:35PM -0500, Rama Darbha wrote:
When I first read this, I immediately agreed that performing a
brute-force attach on a /64 network would be infeasible. But then I
started to reflect on why it would be so infeasible? Computers are
getting faster, and NICs have more capacity, so their ability to create
faster mappings scales in relation. Do we have current research numbers
to state how long it takes to do a brute force scan of a /64?
Basic math. If you can send 1000 packets/sec without being noticed,
scanning 2^64 addresses will take about 584942417 *years*.
If you can send a million packets/sec, it will only take 584942 years,
though...
Gert Doering
-- NetMaster
--
Rama Darbha, CCIE#28006
919-574-5071
[email protected]
Cisco TAC - Security Solutions
RTP, NC, USA
Hours: 8h30 - 17h00 (EST)
http://www.cisco.com/tac/
_______________________________________________
OPSEC mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/opsec
