RFC 5157

IPv6 Implications for Network Scanning, March 2008

Canonical URL:
https://www.rfc-editor.org/rfc/rfc5157.txt
File formats:
Plain TextPDF
Status:
INFORMATIONAL
Obsoleted by:
RFC 7707
Author:
T. Chown
Stream:
IETF
Source:
v6ops (ops)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC5157

Discuss this RFC: Send questions or comments to v6ops@ietf.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

The much larger default 64-bit subnet address space of IPv6 should in principle make traditional network (port) scanning techniques used by certain network worms or scanning tools less effective. While traditional network scanning probes (whether by individuals or automated via network worms) may become less common, administrators should be aware that attackers may use other techniques to discover IPv6 addresses on a target network, and thus they should also be aware of measures that are available to mitigate them. This informational document discusses approaches that administrators could take when planning their site address allocation and management strategies as part of a defence-in-depth approach to network security. This memo provides information for the Internet community.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×