Monday, September 13th was generally quiet. SSH probes, telnet
probes, and phishing web sites continue to show up as common themes. One individual pointed out some problems in the .ws top-level domain. While some domains themselves resolved, there did not appear to be any nameservers for the .ws TLD. The problem is now resolved. One common problem we encounter are Voice over IP (VoIP) and other audio applications that open audio streams. These tend to use a steady, if not large, amount of bandwidth. The directory lookup feature, especially in Skype, tends to be rather noisy - I personally forgot Skype was running at one point and was alarmed at the number of outgoing connection attempts on my network wire. Skype: http://www.skype.com Vocaltec: http://www.vocaltec.com RealAudio: http://www.real.com One question came in from a user about IP addressing. In IPv4, here are the network addresses that shouldn't show up on your network cable: 127.0.0.0/8 This is legal on the loopback interface, though. 224.0.0.0/4 Illegal as a source address, or as a destination address for anything but udp or igmp. 240.0.0.0/4 Although 255.255.255.255 is occasionally used as a legal destination. 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 These are reserved for internal use. They shouldn't show up as the source or destination address of packets crossing the Internet. The last block of illegal addresses are the "bogon" networks; IP address blocks that have not been allocated. This list changes as new IP blocks are handed out, so it's best to get these from a source from here: http://www.cymru.com/Documents/bogon-bn-agg.txt Finally, Mark Cooper will be leaving the handler's team. On behalf of the team, thank you, Mark, for taking part. ---- Handler on duty, William Stearns wstearns@pobox.com http://www.stearns.org/ (security papers and tools) |
William 80 Posts Sep 14th 2004 |
Thread locked Subscribe |
Sep 14th 2004 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!