As IPv6 deployment accelerates, understanding the evolving security posture of network peripheries becomes increasingly important. A DSN 2021 study introduced the first large-scale discovery of IPv6 network peripheries, uncovering risks like service exposure and routing loops. However, its scope was limited to three regions and is now outdated. In this paper, we revisit and significantly expand upon that work, presenting a comprehensive, up-to-date security assessment of IPv6 network peripheries. To support efficient large-scale scanning, we propose a novel Response-Guided Prefix Selection (RGPS) strategy to identify high-value IPv6 prefixes for probing. Our global-scale measurement covers 73 countries/regions and identifies over 281.9M active IPv6 network peripheries, including a 371.2% increase (245M) over the 52M reported in 2021 for India, China, and America. Our service exposure analysis shows that 2.5% of reachable services are still dangerously exposed, including outdated administrative interfaces and misconfigured servers, while correlation with known CVEs reveals recurring software vulnerabilities. Building on this service-exposure perspective, we further design a Hierarchical LLM Exposure Verification (HLEV) framework to identify unauthorized-access risks in exposed LLM deployment tools, revealing multiple security weaknesses caused by insecure default configurations and missing authentication. Additionally, we revisit routing loop vulnerabilities and identify 4.5M loop-prone responses, confirming that flawed routing behaviors remain widespread across vendors and countries/regions. These findings suggest that while IPv6 adoption has surged, key security challenges persist and are structurally embedded.

翻译：随着IPv6部署加速，理解网络外围不断演变的安全态势变得日益重要。DSN 2021的一项研究首次大规模发现IPv6网络外围，揭示了服务暴露和路由环路等风险。然而，该研究范围仅局限于三个地区且现已过时。本文重新审视并显著扩展了该工作，提出了IPv6网络外围的全面、最新安全评估。为支持高效大规模扫描，我们提出了一种新颖的响应引导前缀选择（Response-Guided Prefix Selection, RGPS）策略，以识别高价值IPv6前缀进行探测。我们的全球测量覆盖73个国家/地区，识别出超过2.819亿个活跃IPv6网络外围，其中包括印度、中国和美国地区相较于2021年报告的5200万个的3.712倍增长（2.45亿）。服务暴露分析显示，2.5%的可达服务仍存在危险暴露，包括过时的管理界面和配置错误的服务器，而与已知CVE的关联分析揭示了重复出现的软件漏洞。基于此服务暴露视角，我们进一步设计了分层LLM暴露验证（Hierarchical LLM Exposure Verification, HLEV）框架，以识别暴露的LLM部署工具中的未授权访问风险，揭示了由不安全的默认配置和缺失身份验证导致的多个安全弱点。此外，我们重新审视了路由环路漏洞，识别出450万个易产生环路的响应，证实了有缺陷的路由行为在不同供应商和国家/地区仍普遍存在。这些发现表明，尽管IPv6采用率激增，但关键安全挑战依然存在且结构性嵌入。