Hacker News new | past | comments | ask | show | jobs | submit login

Now do IPv6



Yeah, just go ahead, scan PTR records for some mere 2^120 addresses.

Even if we scan just the first address of each /64, it’s still about 2^56. Unlikely anyone is ever going to do it.

This is another thing I like about IPv6. Makes mass address scanning completely useless.


I'm currently mass scanning IPv6, so are others. v6 results have been on Shodan for I think 7 or 8 years at least?


Are you aware of what SLAAC does? For the most part your scan results are going to be useless in <24h


https://www.rfc-editor.org/rfc/rfc7707#section-4

But in general devices using SLAAC are not typically the things you are looking for when scanning.


Hosts with randomized addresses are likely to have auto-generated PTR records, or none at all, so for the purpose of rDNS resolution those are not a big issue.

And that’s a detail, but SLAAC as in RFC4842 is deterministic. The randomization is introduced by the privacy extensions in RFC4941.


How large of a prefix are you scanning and are you preseeding your scans?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: