[Buge]

One thing about IPv6 is that you cannot scan the entire address range looking for open (memcached or other) servers like you can with IPv4.

[lathiat]

Turns out that is not as true as you would think in practice.. you can reduce the search space significantly because of known IPv6 prefixes, EUI-64, a MAC address database and trying a few additional likely addresses such as ::1 ::fffe etc

Not sure what the original source I read on it was, but you can try this: https://www.internetsociety.org/blog/2015/02/ipv6-security-m...

[cm2187]

But servers will almost certainly have a DNS entry. So they aren't really hidden in the immensity of the address space.

[Buge]

Would they be publicly resolvable? And even if they are, how would you find the name? Wouldn't a lot of these machines be internal infrastructure of various companies?