Security Basics mailing list archives

RE: Strange IP

From: "Jeff Gercken" <JeffG () kizan com>
Date: Tue, 16 Aug 2005 14:24:02 -0400

Keep in mind while 192.168.0.0/16 isn't supposed to be routable a huge
amount of traffic sourced from RFC1918 addresses leaks onto the
Internet.  Also while they aren't routable on the Internet, your ISP
might be using them somewhere, in which case it's very plausible that
you may be communicating with them.

-jeff

-----Original Message-----
From: Jeff MacDonald [mailto:jam () zoidtechnologies com] 
Sent: Friday, August 12, 2005 3:42 PM
To: idolcrash () gmail com
Cc: security-basics () securityfocus com
Subject: Re: Strange IP

On Fri, Aug 12, 2005 at 02:46:43AM -0000, idolcrash () gmail com wrote:

Hello all, I recently ran Angry IP Scanner to see what was on my 
network, so I could get the IP of a wireless access point I use to

tinker with it.

However, I found a strange thing residing at 192.168.15.2, which ran 
something by Marconi called Element Manager. My network starts at 
192.168.0.x, so I was wondering if this is still in the realm of a 
private network (so far as IP assignment) and if anyone had any info 
on what exactly this is.


yes, 192.168.0.0/16 is considered "private" space (so is 10.0.0.0/8 and
172.16/12), so 192.168.15.0/24 fits in there.. if you have the netmasks
configured right, 192.168.15.0/24 shouldn't work, though.. that is
another issue, I suppose. 

here is a link to RFC1918: <http://www.rfc-editor.org/rfc/rfc1918.txt>

Also, I would appreciate it if some could direct me to some decent 
network administration tools I can use to secure and find 
vulnerabilities with my network. I am still at a 'new' level with 
network security and administration (which I've been interested in for

a long time, but I've just been overwhelmed by all the information out

there) and enjoy learning whatever I can. Thanks.


personally I use nmap (latest version) for network scans (free from
<http://insecure.org/>), and nessus for scanning and finding
vulnerabilities <http://nessus.org/>.. as for "administration" (i.e.
"fixing stuff") you're on your own. :)

hth..

regards,
J

Current thread:

Strange IP idolcrash (Aug 12)
- Re: Strange IP Jeff MacDonald (Aug 15)
  - RE: Strange IP Timothy Dillman (Aug 16)
- Re: Strange IP matt (Aug 16)
  - Re: Strange IP Douglas Duckworth (Aug 22)
- RE: Strange IP Steve McLaughlin (Aug 16)
  - Re: Strange IP Idol Crash (Aug 16)
- Re: Strange IP Dave Aronson (Aug 16)
  - Re: Strange IP Ansgar -59cobalt- Wiechers (Aug 23)
- <Possible follow-ups>
- Re: Strange IP terminal . checks . pop3 (Aug 15)
- RE: Strange IP Jeff Gercken (Aug 16)