Penetration Testing mailing list archives

Re: [PEN-TEST] advertising private IP numbers?


From: Joe Shaw <jshaw () INSYNC NET>
Date: Fri, 22 Dec 2000 09:51:20 -0600

On Thu, 21 Dec 2000 securitygeek () HUSHMAIL COM wrote:

Below is part of traceroute that I grabbed... Is it normal to advertise
non-routable/internal IPs like this? If it isn't, what mischief can be made
easier to accomplish when this is done?

 18    80 ms   100 ms    80 ms  bb1-pos3-0-0.rdc1.va.home.net [24.7.73.110]
 19   100 ms   140 ms   110 ms x.x.x.home.net [24.x.x.x]
 20    81 ms    90 ms   150 ms  10.252.60.6
 21   331 ms   320 ms   411 ms  192.168.0.98
 22   190 ms   160 ms    90 ms  x.x.x.253
 23   150 ms   191 ms   140 ms  x.x.x.10

It's considered in bad form to advertise RFC1918 space, and any network
person will be laughed at for doing so.  However, you will sometimes find
RFC1918 space used for interconnections between routers, like what you saw
in your traceroute.  This is generally not considered best practice if you
want things like Path-MTU discovery to work.  Using RFC1918 space in this
capacity and actually advertising RFC1918 space are not necessarily the
same thing.

--
Joseph W. Shaw
Sr. Network Security Specialist for Big Company not to be named.
I have public opinions, and they have public relations.
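
Added example (not part of the original message or the list archive): a Python check an operator can run over traceroutes of their own paths to flag hops that answer from RFC 1918 addresses after the path has already crossed public space, which is the router-interconnect case the reply describes. The function names are assumptions of this example; the sample input is the hop list quoted in the message, with the poster's redactions left as they are.

```python
import ipaddress
import re

# The three RFC 1918 blocks (ipaddress.is_private covers more than these).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Hop lines copied from the traceroute quoted in the message, redactions included.
SAMPLE = """\
 18    80 ms   100 ms    80 ms  bb1-pos3-0-0.rdc1.va.home.net [24.7.73.110]
 19   100 ms   140 ms   110 ms x.x.x.home.net [24.x.x.x]
 20    81 ms    90 ms   150 ms  10.252.60.6
 21   331 ms   320 ms   411 ms  192.168.0.98
 22   190 ms   160 ms    90 ms  x.x.x.253
 23   150 ms   191 ms   140 ms  x.x.x.10
"""

# Hop number, three "NN ms" or "*" columns, then "host [ip]" or a bare ip.
HOP_RE = re.compile(r"^\s*(\d+)\s+(?:(?:<?\d+\s+ms|\*)\s+){3}(.*\S)\s*$")

def parse_hops(text):
    """Yield (hop_number, address or None) for every hop line in text."""
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue
        target = m.group(2)
        bracket = re.search(r"\[([^\]]+)\]", target)
        try:
            addr = ipaddress.ip_address(bracket.group(1) if bracket else target)
        except ValueError:
            addr = None  # redacted (x.x.x) entry or "Request timed out."
        yield int(m.group(1)), addr

def transit_rfc1918_hops(text):
    """Return [(hop, ip)] for RFC 1918 hops seen after a public hop.
    Private hops at the start of a path (the local LAN) are not flagged."""
    seen_public, flagged = False, []
    for hop, addr in parse_hops(text):
        if addr is None:
            continue
        if addr.version == 4 and any(addr in net for net in RFC1918):
            if seen_public:
                flagged.append((hop, str(addr)))
        else:
            seen_public = True
    return flagged

if __name__ == "__main__":
    for hop, ip in transit_rfc1918_hops(SAMPLE):
        print(f"hop {hop}: {ip} is RFC 1918 space inside the transit path")
```

Hops flagged this way are the ones whose ICMP replies, including the "fragmentation needed" messages Path-MTU discovery relies on, carry a private source address and can be dropped by filters that discard RFC 1918 sources.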

