Security Incidents mailing list archives
Re: Somthing intresting.
From: gabriel rosenkoetter <gr () ECLIPSED NET>
Date: Fri, 16 Feb 2001 10:24:53 -0500
On Thu, Feb 15, 2001 at 12:08:45PM -0700, Crypt1 Crypt1 wrote:
While using nmap i found something interesting. My boss's network is on DSL, Setup with 2 ethernet cards. and one computer pluged into the hub the other pluged into the dsl modem. Internet address is 192.168.133.* well i ended up doing a scan on the hole internal subnet When i did i found some computer i did not reconize when i telneted to them a few of them came up as cisco routers and a few came up as DNS servers. (FROM the out side internet) i did a traceroute to them and they resolved to the out side net. so you have 192.168.133.0 resolving (lets just say)209.125.12.8 any reason for this?
Plenty of ISPs use 192 nets on the inside, and plenty of them presume that it's okay for those to be exposed to their users (which is a bad presumption for several, fairly obvious, reasons). They probably don't expect your boss to be doing his own NAT'ing, which is why they don't NAT between them and him. If I were he, I would avoid using any subnets on which they're keeping machines (it should be easy to find a 10 net somewhere they're not using). ~ g r @ eclipsed.net
Current thread:
- Somthing intresting. Crypt1 Crypt1 (Feb 15)
- Re: Somthing intresting. gabriel rosenkoetter (Feb 16)
- Re: Somthing intresting. Chris (Feb 16)
- Re: Somthing intresting. Piotr Zurawski (Feb 16)