ip6.arpa, prior art and results

When I posted the idea from my previous blogpost to the ipv6hackers mailing list and my Twitter account, I was expecting to hear that this had been done before and I had found nothing new.

As it turns out, many people (Viagénie, Bill Manning, Ryan Rawdon) knew about this trick already. Somebody (I forget who/where) pointed out that this trick worked well for e164.arpa-mapping too. Indeed, I have used this trick to do statistics on other sparse but deep zones years ago.

But, to many other people, this idea was totally novel. Marc ‘van Hauser’ Heuse added a tool based on this idea to his thc-ipv6 IPv6 hacker toolkit, and Patrik ‘nevdull77’ Karlsson committed an nmap script employing the same technique.

Simon Arlott (pointed out to me by Ryan Rawdon) took it one step further – he also wrote a tool to mitigate this trick in a very clever way. Check out the README and ip6dnshide.py in his ip6walk github repo. The trick works with ldns (1.6.12)+NSD (3.2.10) but BIND9 (9.9.0b1) rejects the resulting zone file due to non-terminal wildcards.

All in all, the idea was not new but it deserved some exposure. I am glad I was able to provide that :)

I have added some progress reporting to my implementation and at least one issue has been filed against it. I do not intend to develop this further (although I may at some point write a more parallel version), as at least three other implementations exist, and at least two of those are likely to see more usage than my script anyway.

blogroll

social