> A private network will ideally present as an opaque black box to the outside.
Good luck (trying to) scanning a IPv6 /64 subnet.
I've been in IT for 20+ years, and I have yet to find a situation where blocking ICMP(v6) caused more benefits than problems.
Ditto for my home network: my last ISP had IPv6, and I had an Asus router which blocked unsolicited incoming connections: I could not SSH to any of my Macs from the outside (by default), but could ping if I knew the address (but good luck guessing 2^64).
If you want to try to enumerate the equivalent of 4.3 billion IPv4 Internets that is a single IPv6 subnet, have fun.
Good luck (trying to) scanning a IPv6 /64 subnet.
I've been in IT for 20+ years, and I have yet to find a situation where blocking ICMP(v6) caused more benefits than problems.
Ditto for my home network: my last ISP had IPv6, and I had an Asus router which blocked unsolicited incoming connections: I could not SSH to any of my Macs from the outside (by default), but could ping if I knew the address (but good luck guessing 2^64).
If you want to try to enumerate the equivalent of 4.3 billion IPv4 Internets that is a single IPv6 subnet, have fun.