Re: [AfrIPv6-Discuss] Need of help for scaning ipv6 block

2019-11-04 Thread Daniel Shaw 
On Mon, 4 Nov 2019 at 06:33, Alejandro Acosta
 wrote:

>   The take away of Jordi's message and our message in general is that you 
> need to take a different approach, you can not just scan the full IPv6 
> address space; you mentioned nmap however AFAIK nmap does not allow IPv6 host 
> scanning.

Hi Alejandro, all,

This is a side diversion, however, just FYI, nmap does indeed support
IPv6 just fine. However as pointed out, due to the sheer size of the
address space, it's not practical to use it to scan a prefix. But for
a detailed scan of a single host's ports/services, yes, you can use v6
with nmap.

Cheers,
Daniel

___
AfrIPv6-Discuss mailing list
AfrIPv6-Discuss@afrinic.net
https://lists.afrinic.net/mailman/listinfo/afripv6-discuss

Re: [AfrIPv6-Discuss] Need of help for scaning ipv6 block

2019-11-03 Thread Alejandro Acosta 
Hello Jordi, Malick

  Jordi, thanks for forwarding this message. Hope my response goes thru
since I'm also subscribe to afripv6.

Malick,

  As Jordi said we are working in a very similar study (actually
probably identical), in this moment I'm happy to tell you we have
everything up & running.

  The take away of Jordi's message and our message in general is that
you need to take a different approach, you can not just scan the full
IPv6 address space; you mentioned nmap however AFAIK nmap does not allow
IPv6 host scanning. As an additional comment many years ago, just for
fun (I was leaning multi threading) I wrote a very short python3 script
for host scanning IPv6 networks [1]:
https://blog.acostasite.com/2014/12/python-script-probably-useless-but.html

  The key part for your project is to identify the recursive resolvers,
you have many ways of doing this, example: you could use the logs of a
DNS authoritative server for a zone.

  Here you will find more information (in English):

https://prensa.lacnic.net/news/en/research/new-lacnic-research-initiative-identifies-open-dns-servers-in-the-region

https://prensa.lacnic.net/news/en/ipv6-en/lacnic-launches-new-service-for-detecting-open-dns-servers-with-ipv6-in-the-region

Our public tester:

https://warp.lacnic.net/dns-open-resolvers-con-ipv6


  We are publishing some results (worldwide, not only LACNIC region):

https://stats.labs.lacnic.net/IPv6/DNSOpenResolver/


  Hope the above helps.


Alejandro,

[1] https://github.com/alejandroacostaalamo/Python3-ipv6hostscanner


On 11/3/19 9:33 AM, JORDI PALET MARTINEZ wrote:
>
> I can point to the authors of a similar study in LACNIC (in copy).
>
>  
>
> https://labs.lacnic.net/Identificando-servidores-DNS-IPv6-Open-Resolvers/
>
>  
>
> The article mentions as well a similar study in RIPE. Sorry is Spanish!
>
>  
>
> I think the point is to go from the “reverse root server” administered
> by Afrinic, so you don’t need to do a complete scanning, which will be
> near to impossible …
>
>  
>
> This was also presented in the LACNIC31:
> https://www.lacnic.net/3636/50/evento/agenda-lacnic-31#thursday-ftl
>
>  
>
> Look for the slides and video:
>
>  
>
> *Identifying Open Resolvers in IPv6*
> Alejandro Acosta, Darío Gómez
>
>  
>
> I’m sure they will be able to help!
>
>  
>
> Regards,
>
> Jordi
>
> @jordipalet
>
>  
>
>  
>
>  
>
> El 3/11/19 16:21, "Malick K. ALASSANE"  > escribió:
>
>  
>
> My objective for this study is to detect open DNS resolvers in the
> AFRINIC IP space. 
>
>  
>
> Le dim. 3 nov. 2019, à 16 h 05, JORDI PALET MARTINEZ via
> AfrIPv6-Discuss  > a écrit :
>
> Hi Malick,
>
>  
>
> That’s somehow, one of the “advantages” of IPv6, that make it much
> more difficult.
>
>  
>
> If the operators and end-users are doing a good work, they will
> not be assigning neither contiguous prefixes, neither contiguous
> prefixes/LANs, neither contiguous hosts!
>
>  
>
> May be if you explain a bit more what you’re trying to achieve, we
> can give some ideas.
>
>  
>
> Regards,
>
> Jordi
>
> @jordipalet
>
>  
>
>  
>
>  
>
> El 3/11/19 15:57, "Malick K. ALASSANE"  > escribió:
>
>  
>
> Good morning, everyone!
> I'm doing a study on afrinic's IP address blocks. I didn't have
> any constraints with ipv4 address blocks. The use of the zmap tool
> allowed me to do a quick scan on all available IPV4 addresses.
> Unfortunately, i don't know how to scan IPV6 blocks without taking
> a long time. Nmap, can help me, but it could take several years to
> finish. Zmap or Masscan don't support ipv6. 
>
> I would like to know if anyone has a solution to quickly scan ipv6
> address blocks to identify ipv6 servers that offer a service.
>
>  
>
> Thanks for your help!
>
> ___ AfrIPv6-Discuss
> mailing list AfrIPv6-Discuss@afrinic.net
> 
> https://lists.afrinic.net/mailman/listinfo/afripv6-discuss
>
>
> **
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.theipv6company.com
> The IPv6 Company
>
> This electronic message contains information which may be
> privileged or confidential. The information is intended to be for
> the exclusive use of the individual(s) named above and further
> non-explicilty authorized disclosure, copying, distribution or use
> of the contents of this information, even if partially, including
> attached files, is strictly prohibited and will be considered a
> criminal offense. If you are not the intended recipient be aware
> that any disclosure, copying, distribution or use of the contents
> of this information, even if partially, including attached files,
> is strictly

Re: [AfrIPv6-Discuss] Need of help for scaning ipv6 block

2019-11-03 Thread Malick K. ALASSANE 
Thank you very much Jordi for your help. Don't worry for the language.
I will take the time to read this research work and contact the authors if
necessary for more information or explanation.

Le dim. 3 nov. 2019, à 16 h 34, JORDI PALET MARTINEZ via AfrIPv6-Discuss <
afripv6-discuss@afrinic.net> a écrit :

> I can point to the authors of a similar study in LACNIC (in copy).
>
>
>
> https://labs.lacnic.net/Identificando-servidores-DNS-IPv6-Open-Resolvers/
>
>
>
> The article mentions as well a similar study in RIPE. Sorry is Spanish!
>
>
>
> I think the point is to go from the “reverse root server” administered by
> Afrinic, so you don’t need to do a complete scanning, which will be near to
> impossible …
>
>
>
> This was also presented in the LACNIC31:
> https://www.lacnic.net/3636/50/evento/agenda-lacnic-31#thursday-ftl
>
>
>
> Look for the slides and video:
>
>
>
> *Identifying Open Resolvers in IPv6*
> Alejandro Acosta, Darío Gómez
>
>
>
> I’m sure they will be able to help!
>
>
>
> Regards,
>
> Jordi
>
> @jordipalet
>
>
>
>
>
>
>
> El 3/11/19 16:21, "Malick K. ALASSANE"  escribió:
>
>
>
> My objective for this study is to detect open DNS resolvers in the AFRINIC
> IP space.
>
>
>
> Le dim. 3 nov. 2019, à 16 h 05, JORDI PALET MARTINEZ via AfrIPv6-Discuss <
> afripv6-discuss@afrinic.net> a écrit :
>
> Hi Malick,
>
>
>
> That’s somehow, one of the “advantages” of IPv6, that make it much more
> difficult.
>
>
>
> If the operators and end-users are doing a good work, they will not be
> assigning neither contiguous prefixes, neither contiguous prefixes/LANs,
> neither contiguous hosts!
>
>
>
> May be if you explain a bit more what you’re trying to achieve, we can
> give some ideas.
>
>
>
> Regards,
>
> Jordi
>
> @jordipalet
>
>
>
>
>
>
>
> El 3/11/19 15:57, "Malick K. ALASSANE"  escribió:
>
>
>
> Good morning, everyone!
> I'm doing a study on afrinic's IP address blocks. I didn't have any
> constraints with ipv4 address blocks. The use of the zmap tool allowed me
> to do a quick scan on all available IPV4 addresses. Unfortunately, i don't
> know how to scan IPV6 blocks without taking a long time. Nmap, can help me,
> but it could take several years to finish. Zmap or Masscan don't support
> ipv6.
>
> I would like to know if anyone has a solution to quickly scan ipv6 address
> blocks to identify ipv6 servers that offer a service.
>
>
>
> Thanks for your help!
>
> ___ AfrIPv6-Discuss mailing
> list AfrIPv6-Discuss@afrinic.net
> https://lists.afrinic.net/mailman/listinfo/afripv6-discuss
>
>
> **
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.theipv6company.com
> The IPv6 Company
>
> This electronic message contains information which may be privileged or
> confidential. The information is intended to be for the exclusive use of
> the individual(s) named above and further non-explicilty authorized
> disclosure, copying, distribution or use of the contents of this
> information, even if partially, including attached files, is strictly
> prohibited and will be considered a criminal offense. If you are not the
> intended recipient be aware that any disclosure, copying, distribution or
> use of the contents of this information, even if partially, including
> attached files, is strictly prohibited, will be considered a criminal
> offense, so you must reply to the original sender to inform about this
> communication and delete it.
>
> ___
> AfrIPv6-Discuss mailing list
> AfrIPv6-Discuss@afrinic.net
> https://lists.afrinic.net/mailman/listinfo/afripv6-discuss
>
> ___ AfrIPv6-Discuss mailing
> list AfrIPv6-Discuss@afrinic.net
> https://lists.afrinic.net/mailman/listinfo/afripv6-discuss
>
> **
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.theipv6company.com
> The IPv6 Company
>
> This electronic message contains information which may be privileged or
> confidential. The information is intended to be for the exclusive use of
> the individual(s) named above and further non-explicilty authorized
> disclosure, copying, distribution or use of the contents of this
> information, even if partially, including attached files, is strictly
> prohibited and will be considered a criminal offense. If you are not the
> intended recipient be aware that any disclosure, copying, distribution or
> use of the contents of this information, even if partially, including
> attached files, is strictly prohibited, will be considered a criminal
> offense, so you must reply to the original sender to inform about this
> communication and delete it.
>
> ___
> AfrIPv6-Discuss mailing list
> AfrIPv6-Discuss@afrinic.net
> https://lists.afrinic.net/mailman/listinfo/afripv6-discuss
>
___
AfrIPv6-Discuss mailing

Re: [AfrIPv6-Discuss] Need of help for scaning ipv6 block

2019-11-03 Thread Carlos Marcelo Martinez Cagnazzo 
There are different heuristics that you can apply to reduce the size of the 
search space. See Fernando Gont's work on the issue.


However, there is no way to brute force scan even a single /64 in a reasonable 
amount of time.


Here at LACNIC we've searching for open resolvers in IPv6, see 
https://labs.lacnic.net/Identificando-servidores-DNS-IPv6-Open-Resolvers/ (in 
Spanish , Google translate is your friend)


Let me know if you have any questions about this work.


Carlos


via Newton Mail 
[https://cloudmagic.com/k/d/mailapp?ct=pa=10.0.25=9=email_footer_2]
 On Sun, Nov 03, 2019 at 12:15pm, Malick K. ALASSANE < alkomal...@gmail.com 
[alkomal...@gmail.com] > wrote:
My objective for this study is to detect open DNS resolvers in the AFRINIC IP 
space.

Le dim. 3 nov. 2019, à 16 h 05, JORDI PALET MARTINEZ via AfrIPv6-Discuss < 
afripv6-discuss@afrinic.net [afripv6-discuss@afrinic.net] > a écrit :
Hi Malick,



That’s somehow, one of the “advantages” of IPv6, that make it much more 
difficult.



If the operators and end-users are doing a good work, they will not be 
assigning neither contiguous prefixes, neither contiguous prefixes/LANs, 
neither contiguous hosts!



May be if you explain a bit more what you’re trying to achieve, we can give 
some ideas.



Regards,

Jordi

@jordipalet







El 3/11/19 15:57, "Malick K. ALASSANE" < alkomal...@gmail.com 
[alkomal...@gmail.com] > escribió:



Good morning, everyone!
I'm doing a study on afrinic's IP address blocks. I didn't have any constraints 
with ipv4 address blocks. The use of the zmap tool allowed me to do a quick 
scan on all available IPV4 addresses. Unfortunately, i don't know how to scan 
IPV6 blocks without taking a long time. Nmap, can help me, but it could take 
several years to finish. Zmap or Masscan don't support ipv6.

I would like to know if anyone has a solution to quickly scan ipv6 address 
blocks to identify ipv6 servers that offer a service.



Thanks for your help!

___ AfrIPv6-Discuss mailing list 
AfrIPv6-Discuss@afrinic.net [AfrIPv6-Discuss@afrinic.net] 
https://lists.afrinic.net/mailman/listinfo/afripv6-discuss 
[https://lists.afrinic.net/mailman/listinfo/afripv6-discuss]


**
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com [http://www.theipv6company.com]
The IPv6 Company

This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the exclusive use of the 
individual(s) named above and further non-explicilty authorized disclosure, 
copying, distribution or use of the contents of this information, even if 
partially, including attached files, is strictly prohibited and will be 
considered a criminal offense. If you are not the intended recipient be aware 
that any disclosure, copying, distribution or use of the contents of this 
information, even if partially, including attached files, is strictly 
prohibited, will be considered a criminal offense, so you must reply to the 
original sender to inform about this communication and delete it.

___
AfrIPv6-Discuss mailing list
AfrIPv6-Discuss@afrinic.net [AfrIPv6-Discuss@afrinic.net]
https://lists.afrinic.net/mailman/listinfo/afripv6-discuss 
[https://lists.afrinic.net/mailman/listinfo/afripv6-discuss]

___ AfrIPv6-Discuss mailing list 
AfrIPv6-Discuss@afrinic.net 
https://lists.afrinic.net/mailman/listinfo/afripv6-discuss___
AfrIPv6-Discuss mailing list
AfrIPv6-Discuss@afrinic.net
https://lists.afrinic.net/mailman/listinfo/afripv6-discuss