Re: Somthing intresting.

[Piotr Zurawski <szur () IX RENET PL>]

On Thu, 15 Feb 2001, Crypt1 Crypt1 wrote:

> While using nmap i found something interesting. My boss's network
> is on DSL, Setup with 2 ethernet cards. and one computer pluged into
> the hub the other pluged into the dsl modem. Internet address is
> 192.168.133.* well i ended up doing a scan on the hole internal subnet
> When i did i found some computer i did not reconize when
> i telneted to them a few of them came up as cisco routers and
> a few came up as DNS servers. (FROM the out side internet)
> i did a traceroute to them and they resolved to the out side net.
> so you have 192.168.133.0 resolving (lets just say)209.125.12.8
> any reason for this?

If your boss' isp assigned him an address, that is routed only locally
(eg. only in his network) it's highly possible that he has also assigned
such addresses to more of his network devices. It let's you see them
locally (not via nat interface) and your connection is translated just on
WAN ports of all ISP's connections. It lets him reduce number of networks
address translations and identify your activity :>
I assume that all of those devices have just an IP alias

> Could the isp have an internal network that is not properly subneted?
> or using some type of nat skeem?

--
Piotr Zurawski [fb]
szur () ix renet pl