[AusNOG] Reminder to fix 1.1.1.0 IP block
Michael Andreas Schipp
MSchipp at a10networks.com
Wed Nov 6 23:43:56 EST 2013
Sounding old here, but in the late 90's, IP address scanning and targeting of RFC1918 ranges was so common for viruses that I set the company (that I then worked for) internet range to a IP range from Russia - though I have left the company to this day it is still the same.
Not the best security measure but security in depth!
From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Skeeve Stevens
Sent: Wednesday, 6 November 2013 11:14 PM
To: Chris Ricks
Cc: <ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Reminder to fix 1.1.1.0 IP block
Anything can actually be 'private' address space... just depends on whether you want to talk to that end IP range if it gets routed.
To be upfront, we use a non-RFC1918 for our internal network - something unrouted, that hopefully stays that way... but even if it doesn't, it isn't a huge drama to renumber or just not talk to them. An ever growing amount of our traffic is v6 now anyhows.
...Skeeve
Skeeve Stevens - eintellego Networks Pty Ltd
skeeve at eintellegonetworks.com<mailto:skeeve at eintellegonetworks.com> ; www.eintellegonetworks.com<http://www.eintellegonetworks.com/>
Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve
facebook.com/eintellegonetworks<http://facebook.com/eintellegonetworks> ; linkedin.com/in/skeeve<http://linkedin.com/in/skeeve>
twitter.com/theispguy<http://twitter.com/theispguy> ; blog: www.theispguy.com<http://www.theispguy.com/>
[http://eintellegonetworks.com/logos/ein09.png]
The Experts Who The Experts Call
Juniper - Cisco - Cloud
On Wed, Nov 6, 2013 at 10:20 PM, Chris Ricks <chris.ricks at securepay.com.au<mailto:chris.ricks at securepay.com.au>> wrote:
On 6/11/2013 10:17 PM, Mark Newton wrote:
>
>
>
>> On 6 Nov 2013, at 8:47 pm, Skeeve Stevens <skeeve+ausnog at eintellegonetworks.com<mailto:skeeve%2Bausnog at eintellegonetworks.com>> wrote:
>>
>> Not the same. APNIC has stated certain ranges will not be allocated in the near future.
> And the only reason they said that is because so many people had abused certain prefixes that they'd been rendered practically useless.
>
> So, as far as self-fulfilling prophecies go, it's pretty awe inspiring.
>
> - mark
>
>
I'm reminded of a past job interview episode here.
When a person applying for a System Administration role was asked the
question "Can you give me an example of a private IP address?", the
answer was as follows.
"1 dot 1 dot 1 dot...(pause seeking cues of approval from myself and the
other interviewer) 2?"
Interestingly, as soon as we asked for an example of an RFC1918 address,
we were given very correct details. Practice and best practice don't
always align it would seem!
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20131106/a0e0176f/attachment.html>
More information about the AusNOG
mailing list