Unexpected Applications on IPv6 Ports
Author(s)
Ratmeyer, Maximilian Luther
Advisor(s)
Editor(s)
Collections
Supplementary to:
Permanent Link
Abstract
As global IPv6 usage continues to grow, understanding the makeup of services and misconfigurations on the IPv6 address space is crucial to securing the next generation of networks. Prior work on IPv4 has shown that there are many “unexpected” applications running on non-standard ports, but whether this is true in IPv6 remains unexplored. In this thesis, we extend Stanford LZR fingerprinting tool to run IPv6, and integrate it with Georgia Tech’s scanv6 scanner and various address generation techniques to perform internet-wide scans of 55 ports. Between March and April 2025, we discovered over 102 million responsive service endpoints and classified them as “Expected,” “Unexpected,” or “Unknown.” We find that IPv6 contains higher rates of expected-port services compared to IPv4, yet many ports contain mis assignments of services. Our results highlight the effectiveness of current IPv6 address generating techniques and their applications in internet scanning. This work lays the groundwork for IPv6 vulnerability scanning and possible best practices for large-scale internet scanning in the IPv6 era.
Sponsor
Date
Extent
Resource Type
Text
Resource Subtype
Undergraduate Research Option Thesis