Global adoption of IPv6 continues to grow, with Google reporting IPv6 as 25% of its client traffic. IPv6 comes with a slew of improvements from larger address space to self-organizing addressing to required support of multicast, but these improvements are a double-edged sword. With NAT going away, DHCP no longer being required, modern operating systems and networks supporting and preferring IPv6 over IPv4, ICMP being required for network operation, iptables not applying to IPv6, and multiple IP addresses being associated with individual interfaces, IPv666 conjures the perfect storm of fail open defaults.
Why, then, haven't more boxes been popped via IPv6? It turns out finding live hosts over IPv6 is a non-trivial problem (2^128 is a little bit bigger than 2^32)!
In this talk we will cover how we've approached solving the IPv6 address discovery problem. We'll cover the various mistakes we made, the predictive clustering model and neighboring address discovery that we've built into our ipv666 toolkit (with a new and improved discovery rate of 343 addresses per second), and the new web portal we've created that provides access to our aggregated IPv6 address data set. In providing this data and tool set we hope to enable researchers to evaluate the security posture of IPv6 hosts.