| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6874.1329794445@turing-police.cc.vt.edu>
Date: Mon, 20 Feb 2012 22:20:45 -0500
From: Valdis.Kletnieks@...edu
To: "Andrey G. Sergeev (AKA Andris)" <andris@...net.ru>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Why are phone internet operators using UK MoD
and US DoD IP ranges in their networks?
On Tue, 21 Feb 2012 05:22:04 +0400, "Andrey G. Sergeev (AKA Andris)" said:
> > This causes a ton of security issues, why would they do this?
>
> Just because some network admins are lazy and dumb and even don't want
> to read RFC 1918 and other BCPs.
Probably lazy. Probably *not* dumb. There was almost certainly a long internal
discussion of the relative costs and risks of deploying multiple 10/8 instances (and
having to deal with collisions between them), and sqatting on an allocated but
unrouted /8 like 7/8, 25/8, 40/8, and similar (and almost certainly *not* having
to deal with collisions).
And remember - this sort of squatting works Just Fine as long as the actual owner
doesn't advertise a route for the address space. And looking at the historical
looking-glass info at potaroo.net, it appears there's been more public announcements
of address space in 10/8 than there has been for 7/8. As a result, if you're trying
to build a resilient net, you should use addresses from 7/8 rather than 10/8. :)
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists