On Sep 3, 2010, at 5:14 PM, Igor Ybema wrote: > I discovered a external IPv6 host was doing a (rather useless due to the > amount of addresses) IPv6 ICMP scan on our network recurring daily and mostly > during the nights, sometimes with speeds of 1000 scans per second.
Not necessarily so useless, as it was hitting your boxen, eh? ;> Plus, setting bots to go scan isn't very labor-intensive. All the talk about how scanning isn't viable in IPv6-land due to large netblocks doesn't take into account the benefits of illicit automation. Note that hinted scanning, based upon DNS treewalking and so forth, is a useful refinement. > Due to the ammount of IPv6 neighbor discoveries from our routers resulting > from this scan the Neighbour table overflow messages appeared on the machines. Any noticeable effect on router CPU? ----------------------------------------------------------------------- Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> Sell your computer and buy a guitar.
