Technical Summary
The 128 bits of IPv6 address space is considerably bigger than the 32
bits of address space of IPv4. In particular, the IPv6 subnets to
which hosts attach will by default have 64 bits of host address
space. As a result, traditional methods of remote TCP or UDP network
scanning to discover open or running services on a host will
potentially become less feasible, due to the larger search space in
the subnet. In addition, automated attacks, such as those performed by
network worms, that pick random host addresses to propagate to, may
be hampered. This document discusses this property of IPv6 and
describes related issues for IPv6 site network administrators to
consider, which may be of importance when planning site address
allocation and management strategies. While traditional network
scanning probes (whether by individuals or automated via network
worms) may become less common, administrators should be aware of
other methods attackers may use to discover IPv6 addresses on a
target network, and also be aware of appropriate measures to mitigate
them.
Working Group Summary
The working group process was uneventful.
Document Quality
The document addresses the widespread practice in IPv4 of scanning a
network to detect the presence of hosts, how hosts might be detected
in an IPv6 network, and how an administration might defend against
those attacks. The working group generally believes that it will be
helpful to an IPv6 network administration.
Personnel
The Document Shepherd is Fred Baker. Ron Bonica is He Who Is
Responsible.