Security Incidents mailing list archives
Re: What a strange route (The DoD inside)!
From: Valdis.Kletnieks () vt edu
Date: Mon, 03 Apr 2006 13:29:41 -0400
On Mon, 03 Apr 2006 09:52:06 CDT, Bob Radvanovsky said:
May this was an isolated incident?
3 atm008.edge1.chi.megapath.net (216.36.100.1) 30.781 ms 18.686 ms 30.491 ms
6 ae-1-55.bbr1.Chicago1.Level3.net (4.68.101.129) 20.222 ms ae-1-53.bbr1.Chicago1.Level3.net (4.68.101.65) 23.849 ms 20.018 ms
13 194.244.2.114 (194.244.2.114) 145.201 ms 147.555 ms 143.591 ms 14 * * * 15 * * *
More likely, the fact that your packets went via megapath.net and level3.net means they never transited the fastres.net/fastwebnet.it links that are the problem. The paths are totally divergent before your hop 13 and their hop 17 (although your hop 12 and their hop 16 are both in 194.20/16, so likely on the same provider - probably 2 different routers at different sites but owned by the same provider). Similar to somebody who says "I saw something weird on I-95 North heading from Richmond VA (south of Washington) to Washington DC" - you've replied with the euqivalent of "There's nothing weird on I-270 coming into Washington from Frederick MD (northwest of Washington".
Attachment:
_bin
Description:
Current thread:
- What a strange route (The DoD inside)! dave (Apr 02)
- Re: What a strange route (The DoD inside)! Pieter de Boer (Apr 03)
- Re: What a strange route (The DoD inside)! Jean-Marc Soumet (Apr 04)
- R: What a strange route (The DoD inside)! Sebastian "En3pY" Zdrojewski (Apr 05)
- Re: What a strange route (The DoD inside)! Jean-Marc Soumet (Apr 04)
- Re: What a strange route (The DoD inside)! ascii (Apr 03)
- <Possible follow-ups>
- Re: What a strange route (The DoD inside)! Bob Radvanovsky (Apr 03)
- Re: What a strange route (The DoD inside)! Valdis . Kletnieks (Apr 03)
- Re: What a strange route (The DoD inside)! Pieter de Boer (Apr 03)