lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 18 May 2013 09:34:46 +0200
From: Alexander Georgiev <fd@...oo.de>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Re: My ISP is routing traffic to private
	addresses...

It is sad, that many people don't understand network basics. BTW, your 
internet router should not forward rfc1918 addresses to the outside, 
shouldn't he?



Am 18. Mai 2013 04:09:48 schrieb Gary Baribault <gary@...ibault.net>:
> There is no reason for that, you can use the same address inside as
> outside so long as you don't try and reach a 10.0.0.0/8 in their
> network, and that should never happen. I have seen some networks where
> the inside address range is 192.168.0.0/16 or /8 and the outside is as
> well, so long as your trying to reach public ranges beyond the next
> outside network it works just fine.
>
> Gary Baribault
> Courriel: gary@...ibault.net
> GPG Key: 0x685430d1
> Fingerprint: 9E4D 1B7C CB9F 9239 11D9 71C3 6C35 C6B7 6854 30D1
>
> On 05/17/2013 04:40 PM, Carl "Thomas" Guething wrote:
> > AT&T won't let you use 10.0.0.0/8 <http://10.0.0.0/8> inside your home
> > network on their devices for the same reason. You will get an error if
> > you try to configure their device with it.
> >
> >
> >
> > On Friday, May 17, 2013, sec wrote:
> >
> >     On 2013-05-17 16:17:35 (-0400), Gary Baribault wrote:
> >>     The only problem is that anyone on a cable modem could access
> >>     their 10.x.x.x/8 address space and frankly who cares.
> >     Me, if they're still not signing (much less encrypting) packets on
> >     the local loop, and continuing to wish real hard that no one
> >     builds serial or other debug ports—or board headers for same—into
> >     "certified" cable modems.
> >     I have a Verizon Wireless femtocell with what looks like an HDMI
> >     port on the bottom, but *probably* isn't. I've been afraid to
> >     experiment, for fear of what I'd find. Embedded device security
> >     continues to amuse / terrify.
> >
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ