[PLUG] IPv4 address exhaustion - beginning of the end in 8 days
Randal L. Schwartz
merlyn at stonehenge.com
Thu Jan 27 03:25:22 UTC 2011
>>>>> "Michael" == Michael Rasmussen <michael at jamhome.us> writes:
Michael> Ping me if you like 2001:470:a:4af::2
OK...
Locohost.local:~ % ping6 2001:470:a:4af::2
PING6(56=40+8+8 bytes) 2001::4137:9e76:0:f226:b8c4:77e8 -->
2001:470:a:4af::2
16 bytes from 2001:470:a:4af::2, icmp_seq=0 hlim=61 time=132.864 ms
16 bytes from 2001:470:a:4af::2, icmp_seq=1 hlim=61 time=43.426 ms
16 bytes from 2001:470:a:4af::2, icmp_seq=2 hlim=61 time=44.492 ms
16 bytes from 2001:470:a:4af::2, icmp_seq=3 hlim=61 time=40.568 ms
16 bytes from 2001:470:a:4af::2, icmp_seq=4 hlim=61 time=40.292 ms
16 bytes from 2001:470:a:4af::2, icmp_seq=5 hlim=61 time=40.283 ms
16 bytes from 2001:470:a:4af::2, icmp_seq=6 hlim=61 time=45.263 ms
^C
Now, here's the scary part:
Locohost.local:~ % nmap -6 -v 2001:470:a:4af::2
Starting Nmap 5.21 ( http://nmap.org ) at 2011-01-26 19:23 PST
Initiating Ping Scan at 19:23
Scanning 2001:470:a:4af::2 [2 ports]
Completed Ping Scan at 19:23, 0.05s elapsed (1 total hosts)
Initiating System DNS resolution of 1 host. at 19:23
Completed System DNS resolution of 1 host. at 19:23, 0.00s elapsed
Initiating Connect Scan at 19:23
Scanning michaelrpdx-1-pt.tunnel.tserv14.sea1.ipv6.he.net
(2001:470:a:4af::2) [1000 ports]
Discovered open port 993/tcp on 2001:470:a:4af::2
Discovered open port 143/tcp on 2001:470:a:4af::2
Discovered open port 113/tcp on 2001:470:a:4af::2
Discovered open port 22/tcp on 2001:470:a:4af::2
Completed Connect Scan at 19:23, 2.78s elapsed (1000 total ports)
Nmap scan report for michaelrpdx-1-pt.tunnel.tserv14.sea1.ipv6.he.net
(2001:470:a:4af::2)
Host is up (0.076s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
113/tcp open auth
143/tcp open imap
993/tcp open imaps
Read data files from: /opt/local/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 2.87 seconds
If that wasn't already a public-facing machine, and you were counting on
NAT as a firewall (reasonable until now), time to lock down your machine
a bit more. :)
By the way, I'm currently sitting at a wifi hotspot, with my v6
connectivity automatically enabled via Miredo (a Teredo client). Didn't
have to hit a thing, and I'm on V6.
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn at stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.posterous.com/ for Smalltalk discussion
More information about the PLUG
mailing list