Full Disclosure mailing list archives

Re: Why are phone internet operators using UK MoD and US DoD IP ranges in their networks?

From: "Andrey G. Sergeev (AKA Andris)" <andris () aernet ru>
Date: Tue, 21 Feb 2012 05:22:04 +0400

Hi Julius,


Sun, 19 Feb 2012 20:45:20 +0200 Julius Kivimäki wrote:

So, it appears that Sprint and T-Mobile are using 25.*.*.* and
28.*.*.* as their phone network internal IPs.


Not only Sprint and T-Mobile - here is the snip from one recent spam
message:

Received: from megafonpro.ru (mail.megafonpro.ru [193.201.231.40])
        by fr51.aha.ru (Postfix) with SMTP id C24E72E3F
        for <andris () aernet ru>; Thu, 12 Jan 2012 13:03:34 +0400 (MSK)
Received: from Privet (83.149.9.199) by megafonpro.ru (7.3.118.8)
        id 49AFA7CF0308FD8C for andris () aernet ru; Thu, 12 Jan 2012
08:42:08 +0300

Note the use of 7.3.118.8 IP address! The 7/8 network is allocated to
DoD.

This causes a ton of security issues, why would they do this?


Just because some network admins are lazy and dumb and even don't want
to read RFC 1918 and other BCPs.


-- 

Yours sincerely,

Andrey G. Sergeev (AKA Andris)     http://www.andris.name/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Why are phone internet operators using UK MoD and US DoD IP ranges in their networks? Julius Kivimäki (Feb 20)
- Re: Why are phone internet operators using UK MoD and US DoD IP ranges in their networks? Valdis . Kletnieks (Feb 20)
- Re: Why are phone internet operators using UK MoD and US DoD IP ranges in their networks? Andrey G. Sergeev (AKA Andris) (Feb 20)
  - Re: Why are phone internet operators using UK MoD and US DoD IP ranges in their networks? Valdis . Kletnieks (Feb 20)