Re: Any ideas?

["Richard Golodner" <rgolodner () infratection com>]

        Robert said to me:

> " I'm sure if you ping the 10.10.167.40, you'll find that it's only a
couple hops away.

I am in Chicago now and using Visual Route's trial edition it tells me
10.10.167.40 can be found in Australia. Here is the trace:

Address of Hop  Name of Hop  Location 
 10.10.10.1  (unnamed)  (Private) (My inside interface) my comment
 10.20.0.1  (unnamed)  (Private)   (RCN DHCP server)    my comment
 207.229.191.130  mart-h1.chi-mart.il.cable.rcn.net  Herndon, VA, USA 
 207.172.19.41  ge0-0-2.core1.chsl.il.rcn.net  Herndon, VA, USA 
 207.172.19.151  ge3-2.core1.sbo.ma.rcn.net  Worcester, MA, USA 
 207.172.15.114  ge4-1.core2.sbo.ma.rcn.net  Worcester, MA, USA 
 207.172.19.37  pos5-0.core2.nyw.ny.rcn.net  New York, NY, USA 
 207.172.15.67  tge1-2.core4.nyw.ny.rcn.net  New York, NY, USA 
 207.172.19.107  tge2-1.aggr1.nyw.ny.rcn.net  New York, NY, USA 
 -  (unnamed)   (An unnnamed hop) my comment
 10.10.167.40  (unnamed)  (Private) Australia according to Visual Route's
location service
        I have not been able to confirm this. I do appreciate your help and
hope that this stimulates some more ideas as I am perplexed.
Richard




-----Original Message-----
From: Robert Graham [mailto:robert_david_graham () yahoo com] 
Sent: Saturday, April 04, 2009 1:15 AM
To: funsec () linuxbox org; Richard Golodner
Subject: Re: [funsec] Any ideas?


RFCs are not the law. You can break them. I use so-called
routable/non-private (although not allocated) addresses for my internal
network. ISPs route non-routable/private addresses. Specifically, they use
such addresses as part of their management network: they assign private
addresses in the 10.x.x.x space to routers, modems, etc. 

> From what I understand, cable-modem providers give a 10.x.x.x address to
their cable-modems for management purposes. I believe the last time I had a
cable modem, I saw these 10.x.x.x addresses exposed on my Ethernet.

I run traceroute through my tethered cellphone, and find that the phone
company assigns 192.168.x.x addresses to routers. nmap scans confirm other
machines in that so-called "private" "non-routable" range.


--- On Fri, 4/3/09, Richard Golodner <rgolodner () infratection com> wrote:

> From: Richard Golodner <rgolodner () infratection com>
> Subject: [funsec] Any ideas?
> To: funsec () linuxbox org
> Date: Friday, April 3, 2009, 2:44 PM
> When I do:
>
> Show IP Nat Translations, I see this coming from my
> wife's laptop.
>
>  
>
> Pro Inside global                      Inside local        
>  Outside local
> Outside global
>
> tcp 24.148.6x.xxx:2022    10.10.10.98:2022     
> 10.10.167.40:2967
> 10.10.167.40:2967
>
>  
>
>                 How does this 1918 address space route
> across the internet?
> 10.10.10.98 is her machine. Any ideas are welcome and there
> are no chat
> programs allowed on our (MY) LAN, so I have ruled that out.
>
>                 Thank you and have a great weekend, Richard
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.


      

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.