On 8/26/2010 4:10 PM, Dave CROCKER wrote:
in this case, the vastly larger address space of IPv6 permits attackers
to switch to new addresses at a rate that was not possible with IPv4.
this is likely to defeat the substantial infrastructure of
attack-tracking that is address-based, such as for anti-spam.
This statement is a bit oversimplified, so a slightly oversimplified
response in return. In IPv4 attack-tracking the /32 is considered but
most tools are smart enough to aggregate up to at least the /24, and
often (for better or worse) up to shorter prefixes as well. If we
consider the v6 /64 as roughly equivalent to the v4 /32; lather, rinse,
repeat.
Even more vastly oversimplified response, Brian's right. :)
Doug
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf