Re: Is this true?

On 8/26/2010 4:10 PM, Dave CROCKER wrote:

in this case, the vastly larger address space of IPv6 permits attackers
to switch to new addresses at a rate that was not possible with IPv4.
this is likely to defeat the substantial infrastructure of
attack-tracking that is address-based, such as for anti-spam.

This statement is a bit oversimplified, so a slightly oversimplifiedresponse in return. In IPv4 attack-tracking the /32 is considered butmost tools are smart enough to aggregate up to at least the /24, andoften (for better or worse) up to shorter prefixes as well. If weconsider the v6 /64 as roughly equivalent to the v4 /32; lather, rinse,repeat.


Even more vastly oversimplified response, Brian's right. :)


Doug
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread]	Current Thread	[Next in Thread>
Is this true?, jean-michel bernier de portzamparc Re: Is this true?, Brian E Carpenter Re: Is this true?, Dave CROCKER Re: Is this true?, Brian E Carpenter Re: Is this true?, Dave CROCKER Re: Is this true?, Brian E Carpenter Re: Is this true?, Doug Barton <= Re: Is this true?, Florian Weimer Re: Is this true?, Fernando Gont Re: Is this true?, Phillip Hallam-Baker Re: Is this true?, Fernando Gont Re: Is this true?, Paul Ferguson Re: Is this true?, Phillip Hallam-Baker Re: Is this true?, Phillip Hallam-Baker Re: Is this true?, Arnt Gulbrandsen Re: Is this true?, Dave Cridland Re: Is this true?, Phillip Hallam-Baker