Network technology-IPv6 applications for Linux networks (3)

Article title: Network Technology-IPv6 applications for Linux networks (3 ). Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
The syntax is quite simple: different nmap options and the-s flag form different scanning types. the Ipv6 nmap supports two scanning methods:
　　
-ST is Port Scanning, which is usually called Port scan.
　　
-SS is tcp syn, which is usually called semi-development scanning.
　　
Nmap scan Port instance:
　　
# Nmap-6-sT: 1
　　
Starting nmap 3.48 (http://www.insecure.org/nmap/) at UTC
　　
All 1657 scanned ports on: 1 are: closed
　　
Nmap run completed -- 1 IP address (1 host up) scanned in 20.521 seconds
　　
The output scan report shows that Nmap has scanned 1657 ports. one is enabled, and the other is disabled.
　　
Note: If you plan to use Nmap in an IPv6 network, the following experiences may help you:
　　
● Avoid misunderstanding. Do not randomly select the scan target to test Nmap. Many organizations regard port scanning as malicious, so it is best to test Nmap on the internal network. If necessary, tell your colleagues that you are experimenting with port scanning because scanning may cause IDS alarms and other network problems.
　　
● Establish Security benchmarks. With the help of Nmap, reinforce the network and find out which systems and services may be attacked. The next step is to establish a security benchmark from these known systems and services, in the future, if you want to enable a new service or server, you can easily perform the operation based on this security benchmark.
　　
If you want to view Linux programs that work on Ipv6 networks, visit: http://www.netcore.fi/pekkas/linux/ipv6/, where you can find many RPM packages with IPv6 support.
　　
Table 1 Comparison of IPv4 and IPv6 functions in Linux
　　
　　 IPv4
The IPv4 address is 127.0.0.1.
　　
The source and target addresses are both 32 characters in length (4 bytes ). IPv4 can provide 4294967296 addresses.
　　
IPv4 uses the Internet Group Management Communication Protocol (IGMP) to manage the identity of the sub-network group members of the local machine.
　　
IPSec support is optional.
　　
In an IPv4 packet header, the router does not recognize the payload for QoS processing.
　　
Both the router and the transmission host support data segments.
　　
The header includes the check value.
　　
Baotou includes options.
　　
Address Resolution Communication Protocol (ARP) uses the broadcast ARP Request box to resolve an IPv4 address to a link layer address.
　　
Use the Internet Group Management Communication Protocol (IGMP) to manage the identity of the sub-network group members.
　　
Use ICMP Router Discovery to determine the IPv4 address (optional) with the best preset gateway ).
　　
Transmit a broadcast address to all nodes on the subnetwork.
　　
You must manually configure or use DHCP.
　　
Use the host address (A) resource record in the Network domain name system (DNS) to map the host name to an IPv4 address.
　　
Maps an IPv4 address to the host name using the index (PTR) resource record in the IN-ADDR.ARPA DNS domain.
　　
　　 IPv6
The IPv6 loop address is 0000: 0000: 0000: 0000: 0000: 0000: 0000: 0001, which can be abbreviated as: 1.
　　
The source and target addresses are both 128 characters in length (16 bytes ). IPv6 increases the original 32-bit address space to 128 bits, and the number is the power of 2 to 128. it can provide 6 × 1023 network addresses per square meter on the Earth.
　　
IPv6 uses Multicast Listener DISD (MLD) messages to replace IGMP.
　　
IPSec support is required.
　　
In an IPv6 packet header, the router uses the Flow Label field to identify the payload for QoS processing.
　　
Vro does not support data segments. Only data fragments are supported by the transmission host.
　　
The header does not include the check value.
　　
All options are moved to the IPv6 expansion header.
　　
Replace ARP Request with the Neighbor Solicitation message of multi-point propagation.
　　
Replace IGMP with Multicast Listener DISD (MLD) messages.
　　
Replace ICMPv4 Router Discovery with ICMPv6 Router Solicitation and Router Advertisement messages, which is required.
　　
No IPv6 broadcast address. Instead, use the link-the multi-point propagation address of all nodes in the local machine field.
　　
Manual configuration or DHCP is not required.
　　
Use the host address (AAAA) resource record in the Network domain name system (DNS) to map the host name to the IPv6 address.
　　
Use the index (PTR) resource record in the IPv6.INT DNS domain to map the IPv6 address to the host name.