The use of .0/.255 addresses.
william(at)elan.net
william at elan.net
Sun Jun 27 02:24:25 UTC 2004
On Sat, 26 Jun 2004, Jared Mauch wrote:
> This includes Washington state host software vendors that
> may need to distribute patches for networking stacks with defects
> in their handling of outbound TCP connections (referenced in an alternate
> email..)
Then of course we could use their ignorance to advantage and setup box that
you know will never be accessed from windows as .0 or .255. You want to
have a firewall or router interface that will not be dropped by the zombie
army? Sure, thing, just set to to .0
Actually I've done testing on this about 6 months ago and setup box with
normal ip and box with .0 ip and check how much boxes were being scanned.
What an amazing results! The box with normal ip gets usually at least once
per minute. The box with .0 ip got scanned I think once over several days
period. Apparently viruses and hackers don't know that .0 can actually be
real ip either! Of course, now that I have mentioned this, it might be
changing real soon (so I'll do another test in 6 months to check :)
--
William Leibzon
Elan Networks
william at elan.net
More information about the NANOG
mailing list