As IPv6 deployment accelerates, understanding the evolving security posture of network peripheries becomes increasingly important. A DSN 2021 study introduced the first large-scale discovery of IPv6 network peripheries, uncovering risks like service exposure and routing loops. However, its scope was limited to three regions and is now outdated. In this paper, we revisit and significantly expand upon that work, presenting a comprehensive, up-to-date security assessment of IPv6 network peripheries. To support efficient large-scale scanning, we propose a novel Response-Guided Prefix Selection (RGPS) strategy to identify high-value IPv6 prefixes for probing. Our global-scale measurement covers 73 countries/regions and identifies over 281.9M active IPv6 network peripheries, including a 371.2\% increase (245M) over the 52M reported in 2021 for India, China, and America. Our service exposure analysis shows that 2.5\% of reachable services are still dangerously exposed, including outdated administrative interfaces and misconfigured servers, while correlation with known CVEs reveals recurring software vulnerabilities. Building on this service-exposure perspective, we further design a Hierarchical LLM Exposure Verification (HLEV) framework to identify unauthorized-access risks in exposed LLM deployment tools, revealing multiple security weaknesses caused by insecure default configurations and missing authentication. Additionally, we revisit routing loop vulnerabilities and identify 4.5M loop-prone responses, confirming that flawed routing behaviors remain widespread across vendors and countries/regions. These findings suggest that while IPv6 adoption has surged, key security challenges persist and are structurally embedded.

翻译：随着IPv6部署的加速推进，理解网络边界不断演变的安全态势变得愈发重要。DSN 2021年的一项研究首次实现了对IPv6网络边界的大规模发现，揭示了服务暴露和路由环路等风险。然而，该研究范围仅限于三个地区且目前已显过时。本文重新审视并显著扩展了该项工作，提出了针对IPv6网络边界的全面、最新的安全评估。为支持高效的大规模扫描，我们提出了一种新颖的响应引导前缀选择（RGPS）策略，以识别高价值的IPv6前缀进行探测。我们的全球规模测量覆盖73个国家/地区，识别出超过2.819亿个活动的IPv6网络边界，其中包括印度、中国和美国地区2021年报告的5200万个相比，增加了3.712亿个（增幅371.2%）。服务暴露分析显示，2.5%的可达服务仍处于危险暴露状态，包括过时的管理界面和配置错误的服务器，而与已知CVE的关联分析揭示了反复出现的软件漏洞。基于此服务暴露视角，我们进一步设计了分层LLM暴露验证（HLEV）框架，用于识别暴露的LLM部署工具中的未授权访问风险，揭示了因不安全的默认配置和缺失认证导致的多个安全弱点。此外，我们重新审视了路由环路漏洞，识别出450万个易产生环路的响应，证实了有缺陷的路由行为在供应商和国家/地区间仍广泛存在。这些发现表明，尽管IPv6采用率激增，关键安全挑战依然存在且结构性嵌入。