Re: Any ideas?

[Robert Graham <robert_david_graham () yahoo com>]

> I am in Chicago now and using Visual Route's trial
> edition it tells me
> 10.10.167.40 can be found in Australia. Here is the trace:
>
> Address of Hop  Name of Hop  Location 
>  10.10.10.1  (unnamed)  (Private) (My inside interface) my
> comment
>  10.20.0.1  (unnamed)  (Private)   (RCN DHCP server)    my
> comment
>  207.229.191.130  mart-h1.chi-mart.il.cable.rcn.net 
> Herndon, VA, USA 
>  207.172.19.41  ge0-0-2.core1.chsl.il.rcn.net  Herndon, VA,
> USA 
>  207.172.19.151  ge3-2.core1.sbo.ma.rcn.net  Worcester, MA,
> USA 
>  207.172.15.114  ge4-1.core2.sbo.ma.rcn.net  Worcester, MA,
> USA 
>  207.172.19.37  pos5-0.core2.nyw.ny.rcn.net  New York, NY,
> USA 
>  207.172.15.67  tge1-2.core4.nyw.ny.rcn.net  New York, NY,
> USA 
>  207.172.19.107  tge2-1.aggr1.nyw.ny.rcn.net  New York, NY,
> USA 
>  -  (unnamed)   (An unnnamed hop) my comment
>  10.10.167.40  (unnamed)  (Private) Australia according to
> Visual Route's
> location service

The 10.10.167.40 address is not in Australia. Visual Route is being stupid. Visual Route cannot ever tell you were 
"10.10.167.40" is located (in much the same way, Google Maps can never tell you were "123 Oak St." is located).

10.10.167.40 is an address within the RCN network, probably located in NYC. RCN uses private IP addresses within it's 
network for network management. This might be some sort of SNMP console probing your cable modem for statistics. It 
could be anything.

If you are curious about this traffic, put Wireshark on your machine and capture the traffic, or 'nmap' scan it for 
ports. 




      
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.