{"draft":"draft-ietf-v6ops-scanning-implications-04","doc_id":"RFC5157","title":"IPv6 Implications for Network Scanning","authors":["T. Chown"],"format":["ASCII","HTML"],"page_count":"13","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"IPv6 Operations","abstract":"The much larger default 64-bit subnet address space of IPv6 should in\r\nprinciple make traditional network (port) scanning techniques used by\r\ncertain network worms or scanning tools less effective.  While\r\ntraditional network scanning probes (whether by individuals or\r\nautomated via network worms) may become less common, administrators\r\nshould be aware that attackers may use other techniques to discover\r\nIPv6 addresses on a target network, and thus they should also be\r\naware of measures that are available to mitigate them.  This\r\ninformational document discusses approaches that administrators could\r\ntake when planning their site address allocation and management\r\nstrategies as part of a defence-in-depth approach to network\r\nsecurity.  This memo provides information for the Internet community.","pub_date":"March 2008","keywords":["subnet address space"],"obsoletes":[],"obsoleted_by":["RFC7707"],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC5157","errata_url":null}