IPv6 Implications for Network Scanning, March 2008
- File formats:
- Obsoleted by:
- RFC 7707
- T. Chown
- v6ops (ops)
Cite this RFC: TXT | XML | BibTeX
Discuss this RFC: Send questions or comments to the mailing list email@example.com
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 5157
The much larger default 64-bit subnet address space of IPv6 should in principle make traditional network (port) scanning techniques used by certain network worms or scanning tools less effective. While traditional network scanning probes (whether by individuals or automated via network worms) may become less common, administrators should be aware that attackers may use other techniques to discover IPv6 addresses on a target network, and thus they should also be aware of measures that are available to mitigate them. This informational document discusses approaches that administrators could take when planning their site address allocation and management strategies as part of a defence-in-depth approach to network security. This memo provides information for the Internet community.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.