1. Field of the Invention
The present invention relates to the protection of computer systems. More particularly, the present invention relates to a system and method of detecting and defeating Internet protocol version 6 (IPv6) propagation of malicious code.
2. Description of the Related Art
Internet protocol version 4 (IPv4) is the predominant internet protocol (IP) in current use. IPv4 uses a 32-bit address space.
Some forms of malicious code, e.g., worms such as code-red and slammer worms, use random IP address space probing to detect vulnerable targets. As the IPv4 uses a 32-bit address space, address-space probing worms can scan the entire 32-bit IPv4 address space in a relatively short time, propagating to the vulnerable targets detected.
Internet protocol version 6 (IPv6) is the next generation internet protocol. IPv6 uses a 128-bit address space.
Random IP address space probing the entire 128-bit IPv6 address space by an address-space probing worm is substantially difficult, e.g., by a factor of 296 over the 32-bit IPv4 address space by some estimations. Accordingly, address-space probing worms must become more intelligent in detecting vulnerable targets in the 128-bit IPv6 address space.