[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security problem?

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Security problem?
From: "Chris L. Mason" <cmason_(_at_)_unixzone_(_dot_)_com>
Date: Thu, 5 Oct 2000 12:30:08 -0400

On Thu, Oct 05, 2000 at 12:05:49PM -0400, Darik Horn wrote:
> 
> In my area, the @Home guys internally use addresses in the 10.x.x.x range.  
> 
> For example, if I traceroute on the @Home network between Brantford and
> Waterloo in Ontario then all of the hops have addresses in 10.x.x.x except
> the target.  I would not ban traffic coming from those addresses because
> some of it will be legitimate.
> 
> eg:
> 
>  1  10.18.0.1  1.848 ms  1.808 ms  9.682 ms
>  2  10.0.184.25  3.181 ms  5.611 ms  3.161 ms
>  3  10.0.184.130  3.785 ms  3.369 ms  9.434 ms
>  4  10.0.184.14  6.759 ms  4.723 ms  4.631 ms
>  5  24.112.101.192  6.702 ms  6.67 ms  6.426 ms
> 

Yeah, I know, I wish they wouldn't do that.  However, I *do* block all
10.0.0.0/8 addresses, and it's not a problem because anyone connecting to
me doesn't have a 10.x.x.x source address.  The fact that they route
through them at some point doesn't cause a problem because ipf (or the
applications) never see this.  I've been running this way for months with
no problem.

The only thing this stops is @home technicians from connecting to my system
if they're trying stuff when logged in to those routers, and that doesn't   
really concern me.  :)

Chris
(Btw, when is @home going to start assigning IPv6 addresses?  I want one!)

References:
- Re: Security problem?
  - From: Chris L. Mason
- Re: Security problem?
  - From: Darik Horn

Prev by Date: Re: Security problem?
Next by Date: Re: Security problem?
Previous by thread: Re: Security problem?
Next by thread: Re: Security problem?
Index(es):
- Date
- Thread

Visit your host, monkey.org