[AfrIPv6-Discuss] Need of help for scaning ipv6 block

[Alejandro Acosta]

Hello Jordi, Malick

  Jordi, thanks for forwarding this message. Hope my response goes thru
since I'm also subscribe to afripv6.

Malick,

  As Jordi said we are working in a very similar study (actually
probably identical), in this moment I'm happy to tell you we have
everything up & running.

  The take away of Jordi's message and our message in general is that
you need to take a different approach, you can not just scan the full
IPv6 address space; you mentioned nmap however AFAIK nmap does not allow
IPv6 host scanning. As an additional comment many years ago, just for
fun (I was leaning multi threading) I wrote a very short python3 script
for host scanning IPv6 networks [1]:
https://blog.acostasite.com/2014/12/python-script-probably-useless-but.html

  The key part for your project is to identify the recursive resolvers,
you have many ways of doing this, example: you could use the logs of a
DNS authoritative server for a zone.

  Here you will find more information (in English):

https://prensa.lacnic.net/news/en/research/new-lacnic-research-initiative-identifies-open-dns-servers-in-the-region

https://prensa.lacnic.net/news/en/ipv6-en/lacnic-launches-new-service-for-detecting-open-dns-servers-with-ipv6-in-the-region

Our public tester:

https://warp.lacnic.net/dns-open-resolvers-con-ipv6


  We are publishing some results (worldwide, not only LACNIC region):

https://stats.labs.lacnic.net/IPv6/DNSOpenResolver/


  Hope the above helps.


Alejandro,

[1] https://github.com/alejandroacostaalamo/Python3-ipv6hostscanner


On 11/3/19 9:33 AM, JORDI PALET MARTINEZ wrote:

>

> I can point to the authors of a similar study in LACNIC (in copy).

>

>  

>

> https://labs.lacnic.net/Identificando-servidores-DNS-IPv6-Open-Resolvers/

>

>  

>

> The article mentions as well a similar study in RIPE. Sorry is Spanish!

>

>  

>

> I think the point is to go from the “reverse root server” administered

> by Afrinic, so you don’t need to do a complete scanning, which will be

> near to impossible …

>

>  

>

> This was also presented in the LACNIC31:

> https://www.lacnic.net/3636/50/evento/agenda-lacnic-31#thursday-ftl

>

>  

>

> Look for the slides and video:

>

>  

>

> *Identifying Open Resolvers in IPv6*

> Alejandro Acosta, Darío Gómez

>

>  

>

> I’m sure they will be able to help!

>

>  

>

> Regards,

>

> Jordi

>

> @jordipalet

>

>  

>

>  

>

>  

>

> El 3/11/19 16:21, "Malick K. ALASSANE" <alkomalick at gmail.com

> <mailto:alkomalick at gmail.com>> escribió:

>

>  

>

> My objective for this study is to detect open DNS resolvers in the

> AFRINIC IP space. 

>

>  

>

> Le dim. 3 nov. 2019, à 16 h 05, JORDI PALET MARTINEZ via

> AfrIPv6-Discuss <afripv6-discuss at afrinic.net

> <mailto:afripv6-discuss at afrinic.net>> a écrit :

>

>     Hi Malick,

>

>      

>

>     That’s somehow, one of the “advantages” of IPv6, that make it much

>     more difficult.

>

>      

>

>     If the operators and end-users are doing a good work, they will

>     not be assigning neither contiguous prefixes, neither contiguous

>     prefixes/LANs, neither contiguous hosts!

>

>      

>

>     May be if you explain a bit more what you’re trying to achieve, we

>     can give some ideas.

>

>      

>

>     Regards,

>

>     Jordi

>

>     @jordipalet

>

>      

>

>      

>

>      

>

>     El 3/11/19 15:57, "Malick K. ALASSANE" <alkomalick at gmail.com

>     <mailto:alkomalick at gmail.com>> escribió:

>

>      

>

>     Good morning, everyone!

>     I'm doing a study on afrinic's IP address blocks. I didn't have

>     any constraints with ipv4 address blocks. The use of the zmap tool

>     allowed me to do a quick scan on all available IPV4 addresses.

>     Unfortunately, i don't know how to scan IPV6 blocks without taking

>     a long time. Nmap, can help me, but it could take several years to

>     finish. Zmap or Masscan don't support ipv6. 

>

>     I would like to know if anyone has a solution to quickly scan ipv6

>     address blocks to identify ipv6 servers that offer a service.

>

>      

>

>     Thanks for your help!

>

>     _______________________________________________ AfrIPv6-Discuss

>     mailing list AfrIPv6-Discuss at afrinic.net

>     <mailto:AfrIPv6-Discuss at afrinic.net>

>     https://lists.afrinic.net/mailman/listinfo/afripv6-discuss

>

>

>     **********************************************

>     IPv4 is over

>     Are you ready for the new Internet ?

>     http://www.theipv6company.com

>     The IPv6 Company

>

>     This electronic message contains information which may be

>     privileged or confidential. The information is intended to be for

>     the exclusive use of the individual(s) named above and further

>     non-explicilty authorized disclosure, copying, distribution or use

>     of the contents of this information, even if partially, including

>     attached files, is strictly prohibited and will be considered a

>     criminal offense. If you are not the intended recipient be aware

>     that any disclosure, copying, distribution or use of the contents

>     of this information, even if partially, including attached files,

>     is strictly prohibited, will be considered a criminal offense, so

>     you must reply to the original sender to inform about this

>     communication and delete it.

>

>     _______________________________________________

>     AfrIPv6-Discuss mailing list

>     AfrIPv6-Discuss at afrinic.net <mailto:AfrIPv6-Discuss at afrinic.net>

>     https://lists.afrinic.net/mailman/listinfo/afripv6-discuss

>

> _______________________________________________ AfrIPv6-Discuss

> mailing list AfrIPv6-Discuss at afrinic.net

> https://lists.afrinic.net/mailman/listinfo/afripv6-discuss

>

>

> **********************************************

> IPv4 is over

> Are you ready for the new Internet ?

> http://www.theipv6company.com

> The IPv6 Company

>

> This electronic message contains information which may be privileged

> or confidential. The information is intended to be for the exclusive

> use of the individual(s) named above and further non-explicilty

> authorized disclosure, copying, distribution or use of the contents of

> this information, even if partially, including attached files, is

> strictly prohibited and will be considered a criminal offense. If you

> are not the intended recipient be aware that any disclosure, copying,

> distribution or use of the contents of this information, even if

> partially, including attached files, is strictly prohibited, will be

> considered a criminal offense, so you must reply to the original

> sender to inform about this communication and delete it.

>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/afripv6-discuss/attachments/20191104/5fdaff16/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pEpkey.asc
Type: application/pgp-keys
Size: 1782 bytes
Desc: not available
URL: <https://lists.afrinic.net/pipermail/afripv6-discuss/attachments/20191104/5fdaff16/attachment-0001.bin>