lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 21 Feb 2012 05:22:04 +0400
From: "Andrey G. Sergeev (AKA Andris)" <andris@...net.ru>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Why are phone internet operators using UK MoD
 and US DoD IP ranges in their networks?

Hi Julius,


Sun, 19 Feb 2012 20:45:20 +0200 Julius Kivimäki wrote:

> So, it appears that Sprint and T-Mobile are using 25.*.*.* and
> 28.*.*.* as their phone network internal IPs.

Not only Sprint and T-Mobile - here is the snip from one recent spam
message:

Received: from megafonpro.ru (mail.megafonpro.ru [193.201.231.40])
	by fr51.aha.ru (Postfix) with SMTP id C24E72E3F
	for <andris@...net.ru>; Thu, 12 Jan 2012 13:03:34 +0400 (MSK)
Received: from Privet (83.149.9.199) by megafonpro.ru (7.3.118.8)
        id 49AFA7CF0308FD8C for andris@...net.ru; Thu, 12 Jan 2012
08:42:08 +0300

Note the use of 7.3.118.8 IP address! The 7/8 network is allocated to
DoD.

> This causes a ton of security issues, why would they do this?

Just because some network admins are lazy and dumb and even don't want
to read RFC 1918 and other BCPs.


-- 

Yours sincerely,

Andrey G. Sergeev (AKA Andris)     http://www.andris.name/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ