----- Original Message ----- From: "Robert Clark" <[EMAIL PROTECTED]> To: "'Andrew Blevins'" <[EMAIL PROTECTED]>; "'scott [gts]'" <[EMAIL PROTECTED]>; "'security-basics'" <[EMAIL PROTECTED]> Sent: Monday, October 29, 2001 1:36 PM Subject: RE: help - can someone explain this to me?
> The 10.0.*, 127.*, and 192.* are not routable addresses, they are > 'reserved'. I don't recall ever seeing ISP's using a 10. address as a > public ip. I would wonder if I did. > Quite a few ISPs use them for interfaces on their internal routers. The first and biggest I can think of offhand is @Home. Of course, this wouldn't be an issue except that, as seen below, these IP addresses then appear as the source for ICMP errors generated by that router: Tracing route to www.securityfocus.com [66.38.151.10] over a maximum of 30 hops: 1 10 ms 10 ms 10 ms 10.58.34.1 2 <10 ms 10 ms 20 ms 24.182.156.17 3 51 ms 50 ms 50 ms 24.18.95.65 4 40 ms 50 ms 40 ms 10.0.236.70 5 40 ms 50 ms 40 ms 24.7.76.189 This is, in many people's opinion, a violation of RFC1918. The engineers of the networks who use them answer with the equally valid point that their internal routers can have whatever internal IPs they want, I shouldn't be trying to connect directly to them anyway. One of those religious wars you never really want to get into. --K
