IPv6 Implications for Network Scanning
RFC 5157, “IPv6 Implications for Network Scanning”, is an Informational document published in March 2008 by T. Chown. It has been obsoleted by RFC 7707 — refer to the newer document for the authoritative version. The canonical text is published by the RFC Editor.
Abstract
The much larger default 64-bit subnet address space of IPv6 should in principle make traditional network (port) scanning techniques used by certain network worms or scanning tools less effective. While traditional network scanning probes (whether by individuals or automated via network worms) may become less common, administrators should be aware that attackers may use other techniques to discover IPv6 addresses on a target network, and thus they should also be aware of measures that are available to mitigate them. This informational document discusses approaches that administrators could take when planning their site address allocation and management strategies as part of a defence-in-depth approach to network security. This memo provides information for the Internet community.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 5157 is hosted at rfc-editor.org. Available in TXT and HTML.