[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security problem?
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Security problem?
- From: "Chris L. Mason" <cmason_(_at_)_unixzone_(_dot_)_com>
- Date: Thu, 5 Oct 2000 12:30:08 -0400
On Thu, Oct 05, 2000 at 12:05:49PM -0400, Darik Horn wrote:
> In my area, the @Home guys internally use addresses in the 10.x.x.x range.
> For example, if I traceroute on the @Home network between Brantford and
> Waterloo in Ontario then all of the hops have addresses in 10.x.x.x except
> the target. I would not ban traffic coming from those addresses because
> some of it will be legitimate.
> 1 10.18.0.1 1.848 ms 1.808 ms 9.682 ms
> 2 10.0.184.25 3.181 ms 5.611 ms 3.161 ms
> 3 10.0.184.130 3.785 ms 3.369 ms 9.434 ms
> 4 10.0.184.14 6.759 ms 4.723 ms 4.631 ms
> 5 184.108.40.206 6.702 ms 6.67 ms 6.426 ms
Yeah, I know, I wish they wouldn't do that. However, I *do* block all
10.0.0.0/8 addresses, and it's not a problem because anyone connecting to
me doesn't have a 10.x.x.x source address. The fact that they route
through them at some point doesn't cause a problem because ipf (or the
applications) never see this. I've been running this way for months with
The only thing this stops is @home technicians from connecting to my system
if they're trying stuff when logged in to those routers, and that doesn't
really concern me. :)
(Btw, when is @home going to start assigning IPv6 addresses? I want one!)
Visit your host, monkey.org