Security Basics mailing list archives

RE: Strange IP

From: "Timothy Dillman" <info () globaldataconsulting com>
Date: Mon, 15 Aug 2005 14:30:45 -0500

 
What does your DHCP server say?  

Also, I did a quick search of www.marconi.com and learned that "Element
Manager" falls under an umbrella product called "ServiceOn".  It is used to
managed and monitor various optical network elements so you might look at
any LAN or WAN fiber you have deployed.

Tim Dillman - CCE, CCNA
Global Data Consulting, LLC
9901 N. Hedges Ave.
Kansas City, MO. 64157
o:(816)841-2511
c:(816)519-2366
f:(816)841-2598
info () globaldataconsulting com


-----Original Message-----
From: Jeff MacDonald [mailto:jam () zoidtechnologies com] 
Sent: Friday, August 12, 2005 2:42 PM
To: idolcrash () gmail com
Cc: security-basics () securityfocus com
Subject: Re: Strange IP

On Fri, Aug 12, 2005 at 02:46:43AM -0000, idolcrash () gmail com wrote:

Hello all, I recently ran Angry IP Scanner to see what was on my 
network, so I could get the IP of a wireless access point I use to tinker

with it.

However, I found a strange thing residing at 192.168.15.2, which ran 
something by Marconi called Element Manager. My network starts at 
192.168.0.x, so I was wondering if this is still in the realm of a 
private network (so far as IP assignment) and if anyone had any info 
on what exactly this is.


yes, 192.168.0.0/16 is considered "private" space (so is 10.0.0.0/8 and
172.16/12), so 192.168.15.0/24 fits in there.. if you have the netmasks
configured right, 192.168.15.0/24 shouldn't work, though.. that is another
issue, I suppose. 

here is a link to RFC1918: <http://www.rfc-editor.org/rfc/rfc1918.txt>

Also, I would appreciate it if some could direct me to some decent 
network administration tools I can use to secure and find 
vulnerabilities with my network. I am still at a 'new' level with 
network security and administration (which I've been interested in for 
a long time, but I've just been overwhelmed by all the information out 
there) and enjoy learning whatever I can. Thanks.


personally I use nmap (latest version) for network scans (free from
<http://insecure.org/>), and nessus for scanning and finding vulnerabilities
<http://nessus.org/>.. as for "administration" (i.e. "fixing stuff") you're
on your own. :)

hth..

regards,
J

Current thread:

Strange IP idolcrash (Aug 12)
- Re: Strange IP Jeff MacDonald (Aug 15)
  - RE: Strange IP Timothy Dillman (Aug 16)
- Re: Strange IP matt (Aug 16)
  - Re: Strange IP Douglas Duckworth (Aug 22)
- RE: Strange IP Steve McLaughlin (Aug 16)
  - Re: Strange IP Idol Crash (Aug 16)
- Re: Strange IP Dave Aronson (Aug 16)
  - Re: Strange IP Ansgar -59cobalt- Wiechers (Aug 23)
- <Possible follow-ups>
- Re: Strange IP terminal . checks . pop3 (Aug 15)
- RE: Strange IP Jeff Gercken (Aug 16)