IPv6 Implications for Network Scanning
RFC 5157

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>, 
    v6ops mailing list <v6ops@ops.ietf.org>, 
    v6ops chair <v6ops-chairs@tools.ietf.org>
Subject: Document Action: 'IPv6 Implications for Network 
         Scanning' to Informational RFC 

The IESG has approved the following document:

- 'IPv6 Implications for Network Scanning '
   <draft-ietf-v6ops-scanning-implications-05.txt> as an Informational RFC

This document is the product of the IPv6 Operations Working Group. 

The IESG contact persons are Ron Bonica and Dan Romascanu.

A URL of this Internet-Draft is:

Technical Summary

The 128 bits of IPv6 address space is considerably bigger than the 32
bits of address space of IPv4. In particular, the IPv6 subnets to
which hosts attach will by default have 64 bits of host address
space. As a result, traditional methods of remote TCP or UDP network
scanning to discover open or running services on a host will
potentially become less feasible, due to the larger search space in
the subnet. In addition automated attacks, such as those performed by
network worms, that pick random host addresses to propagate to, may
be hampered. This document discusses this property of IPv6 and
describes related issues for IPv6 site network administrators to
consider, which may be of importance when planning site address
allocation and management strategies. While traditional network
scanning probes (whether by individuals or automated via network
worms) may become less common, administrators should be aware of
other methods attackers may use to discover IPv6 addresses on a
target network, and also be aware of appropriate measures to mitigate

Working Group Summary

The working group process was uneventful.

Document Quality

The document addresses the widespread practice in IPv4 of scanning a
network to detect the presence of hosts, how hosts might be detected
in an IPv6 network, and how an administration might defend against
those attacks. The working group generally believes that it will be
helpful to an IPv6 network administration.


The Document Shepherd is Fred Baker. Ron Bonica is He Who Is