Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <87y5qjjg5m.fsf@mid.deneb.enyo.de>
Date: Thu, 29 Mar 2012 22:39:17 +0200
From: Florian Weimer <fw@...eb.enyo.de>
To: oss-security@...ts.openwall.com
Subject: Re: Interesting blog entry - Finding v6 hosts by efficiently mapping ip6.arpa

* Kurt Seifried:

> http://7bits.nl/blog/2012/03/26/finding-v6-hosts-by-efficiently-mapping-ip6-arpa

It works.  I have used it for enumerating the e164.arpa tree, which
has a similarly regular structure, too, and for finding TLDs which
have redirected second level domains on ISC's Dnschanger replacement
name servers.

> If this works it would make network scanning a whole heck of a lot
> easier.

Reverse delegation is still not fully solved with IPv6 (and will
probably never be), so non-synthetic answers will be rare.
Particularly for anything which doesn't speak SMTP.

If you want to use DNS to facility IPv6 scanning, you probably should
store every AAAA you see in a database.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.