Tag Archives: v6 security

  • On the Practical Feasibility of Ping Sweeping IPv6 Networks

    The IPv6 address space is huge.  On paper each IPv6 subnet (/64) supports more than 18.4 quintillion hosts (millions, billions, trillions, quadrillions and then quintillions).  It’s an amazingly large number.  By every conceivable measure today we can’t contemplate a situation where anything but the tiniest portion of that address space will actually be utilized.  Assuming you never have more than a few hundred nodes on each local segment (a common and best practice using today’s technologies) the randomly generated addresses of your nodes are effectively hidden within the total number of possibilities.  Actually finding one of your nodes using an ICMP ping sweep becomes almost impossible.  We are no longer talking about playing the networking equivalent of Where’s Waldo?, that would be easy.  This is something completely different.