Another LTE network turns up as IPv4-only squat space + NAT

Måns Nilsson mansaxel at besserwisser.org
Thu Jul 19 08:50:02 UTC 2012


Subject: RE: Another LTE network turns up as IPv4-only squat space + NAT
Date: Wed, Jul 18, 2012 at 10:36:31PM -0400
Quoting Chuck Church (chuckchurch at gmail.com):
> I disagree.  I see it as an extra layer of security.  If DOD had a network
> with address space 'X', obviously it's not advertised to the outside.  It
> never interacts with public network.  Having it duplicated on the outside
> world adds an extra layer of complexity to a hacker trying to access it.
> It's not a be-all/end-all, but it's a plus.  A hacker who's partially in the
> network may try to access network 'X', but it routes to the outside world,
> tripping IDSs...

Then DoD should go for using something like the v6 documentation prefix
or similar. It both is in many people's filters and (as referenced here
recently) is being used for stuff that "never" (promise! or at least not
until we change our minds) is going to need connectivity.

I do not see DoD handing back its allocations in the name of promoting
unreachability by swapping it for reusable space. It probably values
the uniqueness property of allocated space too much. And rightly so.

No, reusing somebody's prefix is A Very Bad Idea. I'm having a very hard
time believing the alleged "ok" is anything but cheap talk.

-- 
Måns Nilsson     primary/secondary/besserwisser/machina
MN-1334-RIPE                             +46 705 989668
The Osmonds!  You are all Osmonds!!  Throwing up on a freeway at dawn!!!