Nmap Development mailing list archives
[RFC] Remove 6/8 and 7/8 as reserved networks for -iR
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 5 Jan 2016 22:31:11 -0600
List, I was checking through the -iR feature and decided to look into the ip_is_reserved function in libnetutil/netutil.cc, which is used to filter the raw random addresses before scanning. Most of the stuff is still valid: RFC 1918, IANA reserved stuff, multicast, etc. But there are also these two lines, referring to the first octet: case 6: /* USA Army ISC */ case 7: /* used for BGP protocol */ 6.0.0.0/8 is indeed registered to the US Army Information Systems Center. 7.0.0.0/8 is actually registered to DISA, the Defense Information Systems Agency. I understand the perceived wisdom in avoiding scanning US government networks, but I don't see that these 2 blocks need to be treated any differently from the hundreds of other allocations that DoD/USG uses. Shodan [1] shows that both blocks are in use, if very sparse (less than 100 responsive hosts between the two of them). I propose to remove these lines from the function. I want to know if there is any reason not to do so. Thanks, Dan [1] https://www.shodan.io/search?query=net%3A7%2F8
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [RFC] Remove 6/8 and 7/8 as reserved networks for -iR Daniel Miller (Jan 05)
- <Possible follow-ups>
- [RFC] Remove 6/8 and 7/8 as reserved networks for -iR Bill Parker (Jan 13)