Nmap Development mailing list archives

[RFC] Remove 6/8 and 7/8 as reserved networks for -iR


From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 5 Jan 2016 22:31:11 -0600

List,

I was checking through the -iR feature and decided to look into the
ip_is_reserved function in libnetutil/netutil.cc, which is used to filter
the raw random addresses before scanning. Most of the stuff is still valid:
RFC 1918, IANA reserved stuff, multicast, etc. But there are also these two
lines, referring to the first octet:

    case 6:         /* USA Army ISC                 */
    case 7:         /* used for BGP protocol        */

6.0.0.0/8 is indeed registered to the US Army Information Systems Center.
7.0.0.0/8 is actually registered to DISA, the Defense Information Systems
Agency. I understand the perceived wisdom in avoiding scanning US
government networks, but I don't see that these 2 blocks need to be treated
any differently from the hundreds of other allocations that DoD/USG uses.
Shodan [1] shows that both blocks are in use, if very sparse (less than 100
responsive hosts between the two of them).

I propose to remove these lines from the function. I want to know if there
is any reason not to do so.

Thanks,
Dan

[1] https://www.shodan.io/search?query=net%3A7%2F8
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
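
Added example, not code from Nmap or from the post above: a simplified first-octet filter of the kind the message describes, with a hypothetical `skip_6_and_7` flag so that the effect of the two quoted `case` lines on the random-target pool can be measured. The function names and the short list of ranges are assumptions for illustration, not the contents of `ip_is_reserved`.

```cpp
// Illustration only; NOT ip_is_reserved() from libnetutil/netutil.cc.
#include <cstdint>
#include <cstdio>

// ip is an IPv4 address in host byte order.
// skip_6_and_7 (hypothetical flag): true mimics the two quoted case lines,
// false mimics the proposal to drop them.
bool is_reserved_example(uint32_t ip, bool skip_6_and_7) {
    unsigned o1 = ip >> 24, o2 = (ip >> 16) & 0xff;
    switch (o1) {
    case 0:                                  // "this network"
    case 10:                                 // RFC 1918
    case 127:                                // loopback
        return true;
    case 6:                                  // quoted: USA Army ISC
    case 7:                                  // quoted: "used for BGP protocol"
        return skip_6_and_7;
    case 169: return o2 == 254;              // link-local 169.254/16
    case 172: return o2 >= 16 && o2 <= 31;   // RFC 1918 172.16/12
    case 192: return o2 == 168;              // RFC 1918 192.168/16
    }
    return o1 >= 224;                        // multicast 224/4, reserved 240/4
}

// Number of IPv4 addresses that pass the filter. Every rule above depends
// only on the first two octets, so it is enough to test one address per /16.
uint64_t candidate_pool(bool skip_6_and_7) {
    uint64_t n = 0;
    for (uint32_t hi = 0; hi < 65536; hi++)
        if (!is_reserved_example(hi << 16, skip_6_and_7))
            n += 65536;
    return n;
}

int main() {
    uint64_t with_lines = candidate_pool(true);
    uint64_t without_lines = candidate_pool(false);
    std::printf("pool with 6/8 and 7/8 filtered: %llu\n",
                (unsigned long long)with_lines);
    std::printf("pool after removing the lines:  %llu\n",
                (unsigned long long)without_lines);
    std::printf("addresses returned to the pool: %llu\n",
                (unsigned long long)(without_lines - with_lines));
    return 0;
}
```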