[H-GEN] RFC-1918 : Class C Networks.
Jason Parker-Burlingham
jasonp at panix.com
Wed Sep 7 11:35:06 EDT 2005
On Wed, Sep 07, 2005 at 06:52:14AM -0400, Robert Brockway wrote:
> On Wed, 7 Sep 2005, Andrew Meaden wrote:
> > you look up fremantle.binke.com.au, you will see that its IP address is
> > 192.168.4.3 - unreachable from most of the internet, but over our VPNs,
> > perfectly reachable.
>
> So bogus answers are being handed out to the 'net at large. Better to
> prevent anyone from getting knowledge about fremantle.binke.com.au
> (apparently an internal host) if they don't need it.
Not to mention that (a) you are giving away a fair amount of information
about how your internal network is set up; and (b) an attacker could
host a convenient wireless network assigning addresses in the
192.168.4.0/24 network and spoof fremantle by setting up dummy services.
Done right, the victim might not ever notice.
--
Jason Parker-Burlingham
<jasonp at panix.com>
(Watch this space)
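
A defensive check for the leak discussed in this thread, added here as an example and not part of the original messages: it scans the text of a publicly served zone for A records that point into RFC 1918 space. The zone contents, the example.com names and the function name are constructed for illustration.

```python
import ipaddress

# RFC 1918 private ranges (the thread's 192.168.4.3 falls in the last one).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample of a publicly served zone; names and addresses are illustrative.
SAMPLE_ZONE = """\
$ORIGIN example.com.
$TTL 3600
@        IN SOA ns1.example.com. hostmaster.example.com. 1 7200 900 1209600 3600
www      IN A     203.0.113.10
intranet IN A     192.168.4.3   ; internal host leaked into the public view
build    300 IN A 10.20.30.40
vpn      IN A     172.32.0.5    ; just outside 172.16.0.0/12, so public
mail     IN MX 10 www
"""

def find_private_a_records(zone_text):
    """Return (owner, address) for every A record pointing into RFC 1918 space."""
    findings = []
    last_owner = None
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop trailing comments
        if not line.strip() or line.startswith("$"):
            continue                              # blank line or $ORIGIN/$TTL directive
        fields = line.split()
        if not line[0].isspace():                 # a leading blank means "same owner as before"
            last_owner, fields = fields[0], fields[1:]
        if "A" not in fields:
            continue                              # not an A record (SOA, MX, ...)
        rdata = fields[fields.index("A") + 1:]
        if not rdata:
            continue
        try:
            addr = ipaddress.IPv4Address(rdata[0])
        except ValueError:
            continue                              # malformed address, nothing to classify
        if any(addr in net for net in RFC1918):
            findings.append((last_owner, str(addr)))
    return findings

if __name__ == "__main__":
    for owner, addr in find_private_a_records(SAMPLE_ZONE):
        print(f"private address in public zone: {owner} -> {addr}")
```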