Fastweb is known to use IP addresses over their private networks without
really caring of the IANA specs. In past they used an IP class that has been
assigned to a north-african country, so I am not surprised at all of what I
am seeing here.
Sincerely
En3pY
--
Sebastian `En3pY` Zdrojewski
##############################
# URL: http://www.en3py.net/ #
# E-Mail: en3py@itvc.net #
##############################
-----Messaggio originale-----
Da: Jean-Marc Soumet [mailto:Jean-Marc.Soumet@nsc.com]
Inviato: martedì 4 aprile 2006 21.16
A: Pieter de Boer
Cc: dave; incidents@securityfocus.com
Oggetto: Re: What a strange route (The DoD inside)!
Pieter de Boer wrote:
dave wrote:
11 26.26.26.xx (26.26.26.xx) 4.462 ms 3.674 ms 3.644 ms
12 26.26.26.xxx (26.26.26.xxx) 5.055 ms 3.834 ms 3.797 ms
13 26.26.26.xxx (26.26.26.xxx) 5.112 ms 3.541 ms 3.816 ms
DoD Network Information Center <- Why?
Sometimes people just assign themselves some IP address space, not via
RIPE/ARIN/APNIC/etc, but just picking a address randomly. The range
26.26.26.xx looks like such an 'assignment'.
Of course, it's bad habit to just pick a random address and use it
inside your network, but it happens a lot, especially with rcf1918
space. It also happens a lot that those addresses can be seen by
tracerouting..
Hope this clears things up a bit,
Pieter
As Pieter said this ISP must be using DOD IP addresses on their internal
network. Unless they have a special link that transmits data directly from
Italy to Columbus, Ohio and back to Italy, in 1ms round trip. ^_^ I don't
think this could be associated with Dave's incident.
Regards,
Jean-Marc
_____________________
Jean-Marc Soumet
Information Security Analyst
National Semiconductor
+1-408-721-2131
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.3.5/300 - Release Date: 03/04/2006
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.3.5/300 - Release Date: 03/04/2006
