Re: Spider with improbable IP address

[insecure <insecure () ameritech net>]

There's no reason that an IP address like that wouldn't be perfectly 
valid, no matter what the first three octets contain. This has been true 
for at least a decade.

Read up on CIDR and RFC1519 (http://www.faqs.org/rfcs/rfc1519.html).

Ed Wittmann wrote:

> A server I help maintain is currently being spidered, which is not so
> unusual - however, I note that the address the spider is coming from
> seems weird:
>
> xxx.xxx.xxx.0
>
>
> Now, I was under the assumption that you can't send and receive on this
> address - but the requests come in here, and they're clearly going back
> out here. The weblogs show this address.
>
> Could someone cure my ignorance? Is this spoofing? It doesn't seem like
> source spoofing since the reply is clearly going back to the same IP
> address.
>
>