Menu
A large (the major) part of developing a web application is to make it abuse-proof, more specifically spammer-proof.
I've just noticed that today's spambots manage to request a form, fill it in, submit it, and re-submit it (e.g. in case the CMS asks for more information before actually taking in the form data)... all from different IPv4 addresses.
First, two side questions:
Then, to the meat of this question:
With its practically limitless number of addresses, will IPv6 make it easier for spammers to make webmasters' and web application developers' lives miserable?
Maybe end users will all have their own, static IPv6, which is a good thing for us because we can more easily block users whose machines are compromised.
Or spammers could continue to attack us from different angles, never using the same IPv6 twice... I am not too sure how it would work technically, especially since I don't even understand how it works with IPv4.
Question asked more or less on the day when IPv4 addresses are exhausted at the top level.
469
The IPv6 protocol can handle packets more efficiently, improve performance and increase security. It enables internet service providers to reduce the size of their routing tables by making them more hierarchical.
So if the protocol has been ready to roll for more than 20 years, why isn't it everywhere yet? Perhaps the primary reason IPv6 has been slow to take hold is because of network address translation (NAT), which has the ability to take a collection of private IP addresses and make them public.
On the public Internet, an observer can see and track your public IPv6 address, but that will be changing each and every day, making any kind of long-term tracking rather difficult or resource-consuming.
FBI, Drug Enforcement Administration, and Royal Canadian Mounted Police officials have told industry representatives that IPv6 traceability is necessary to identify people suspected of crimes. The FBI has even suggested that a new law may be necessary if the private sector doesn't do enough voluntarily.
The short answer is that IPv6 probably makes stopping spammers easier, not more difficult.
To elaborate: while IPv6 allows hosts to cycle through a virtually unlimited number of RFC 4941 privacy addresses from which to make connections to your web application, the good news is that the 64-bit network identifier part of their addresses can pretty reasonably be mapped to a fairly static subscriber identifier.
Going forward with IPv4 on the other hand, the situation will soon start looking pretty grim. As more Internet service providers start dealing with IPv4 address exhaustion by aggregating subscribers behind large-scale NAT gateways, you're going to lose the ability to treat subscribers as if they each have a unique identifier in their IPv4 address. At some point, spammers will use this to their advantage against you, and your choice will be to cut off vast tracts of innocent IPv4 users coming through NAT gateways where a lot of compromised hosts are located, or to get better about detecting and removing spam after the fact.
171
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
