except scanning a /64 takes a ethernity....
On 1 Dec 2019, at 19:05, Nico Schottelius nico.schottelius@ungleich.ch wrote:
Hey Klaus,
I am surprised you are surprised.
Why would one *not* want to scan your particular home network?
IPv6 is on the rise and scanning networks / IPs is a standard thing in the IPv4 world. So it would be a surprise to me, why people would not want to at least try to find devices in IPv6 based networks.
Best,
Nico
Klaus Ethgen Klaus+swinog@Ethgen.de writes:
Hi,
Currently I see day long IPv6 scans from networks of Akamai (2a02:26f0:f3::/48), Google (2a00:1450:4000::/37), Apple (2a01:110::/31), Microsoft (2a01:b740::/29), Swisscom (2001:918::/32) and Init7 (2001:1620::/32) to my Network @HOME. They all try to enumerate hosts and ports in 2a02:168:4e82:0:* that does not and never have exists.
The net is a fiber7 port.
Anybody an idea what is going on here? On request I can provide more informations like pcaps.
The scans are sourced from all over that mentioned networks above.
While I have no scruples to block Apple, Microsoft, Akamai or other bad behaving networks, I do not want to block Swisscom or Init7 if not needed.
Needless to say that I do not have any public service behind my fiber7 port.
Gruß Klaus
-- Modern, affordable, Swiss Virtual Machines. Visit www.datacenterlight.ch
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog