IPv6 Implications for Network Scanning
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org>
To: IETF-Announce <email@example.com>
Cc: Internet Architecture Board <firstname.lastname@example.org>,
    RFC Editor <email@example.com>,
    v6ops mailing list <firstname.lastname@example.org>,
    v6ops chair <email@example.com>
Subject: Document Action: 'IPv6 Implications for Network Scanning' to Informational RFC

The IESG has approved the following document:

- 'IPv6 Implications for Network Scanning'
  <draft-ietf-v6ops-scanning-implications-05.txt> as an Informational RFC

This document is the product of the IPv6 Operations Working Group.

The IESG contact persons are Ron Bonica and Dan Romascanu.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-v6ops-scanning-implications-05.txt

Technical Summary

The 128 bits of IPv6 address space is considerably bigger than the 32 bits of address space of IPv4. In particular, the IPv6 subnets to which hosts attach will by default have 64 bits of host address space. As a result, traditional methods of remote TCP or UDP network scanning to discover open or running services on a host will potentially become less feasible, due to the larger search space in the subnet. In addition automated attacks, such as those performed by network worms, that pick random host addresses to propagate to, may be hampered.

This document discusses this property of IPv6 and describes related issues for IPv6 site network administrators to consider, which may be of importance when planning site address allocation and management strategies. While traditional network scanning probes (whether by individuals or automated via network worms) may become less common, administrators should be aware of other methods attackers may use to discover IPv6 addresses on a target network, and also be aware of appropriate measures to mitigate them.

Working Group Summary

The working group process was uneventful.

Document Quality

The document addresses the widespread practice in IPv4 of scanning a network to detect the presence of hosts, how hosts might be detected in an IPv6 network, and how an administration might defend against those attacks. The working group generally believes that it will be helpful to an IPv6 network administration.

Personnel

The Document Shepherd is Fred Baker. Ron Bonica is He Who Is Responsible.