[ale] hack attempts
Jason Day
jasonday at worldnet.att.net
Fri Feb 11 15:05:03 EST 2005
On Fri, Feb 11, 2005 at 01:21:43PM -0500, Michael H. Warfield wrote:
[snip]
> I keep my ssh access on IPv6 where I can get at it from anywhere on
> IPv4 and yet it can not be scanned for. Metasploit is just doing brute
> force, scan-the-planet, scanning and won't touch IPv6. And IPv6 is
> unscanable. Even 6to4, if you take appropriate precautions (non-trivial
> EUI and restricte ICMP errors returns to non-listening addresses). IPv6
> is also a lot easier to set up and use then that silly "port
> knocking" (which works just as well on IPv6 as well, but who needs it).
Michael,
I'm completely ignorant when it comes to IPv6 and how it compares with
IPv4. I wasn't aware that IPv6 was unscanable, for instance. Do you
have any pointers to more information? Specifically, HOWTOs for setting
up IPv6 on a typical linux server and why I would want to. I'm also
particularly interested in how you've setup ssh on IPv6 only, and the
implications of that.
Many thanks,
Jason
--
Jason Day jasonday at
http://jasonday.home.att.net worldnet dot att dot net
"Of course I'm paranoid, everyone is trying to kill me."
-- Weyoun-6, Star Trek: Deep Space 9
More information about the Ale
mailing list