| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACq5K5R1nvHQ058q=t3Wgd_1JfCJSUiJC_9NsJMcPNnmepD_Xw@mail.gmail.com>
Date: Fri, 17 May 2013 16:40:33 -0400
From: "Carl \"Thomas\" Guething" <thogue@...d.com>
To: sec <sec@...tsploit.me>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: My ISP is routing traffic to private
addresses...
AT&T won't let you use 10.0.0.0/8 inside your home network on their devices
for the same reason. You will get an error if you try to configure their
device with it.
On Friday, May 17, 2013, sec wrote:
> **
> On 2013-05-17 16:17:35 (-0400), Gary Baribault wrote:
>
> The only problem is that anyone on a cable modem could access their
> 10.x.x.x/8 address space and frankly who cares.
>
>
> Me, if they're still not signing (much less encrypting) packets on the
> local loop, and continuing to wish real hard that no one builds serial or
> other debug ports—or board headers for same—into "certified" cable modems.
>
> I have a Verizon Wireless femtocell with what looks like an HDMI port on
> the bottom, but *probably* isn't. I've been afraid to experiment, for fear
> of what I'd find. Embedded device security continues to amuse / terrify.
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists