[olug] nmap paranoia

Charles.Bird charles.bird at powerdnn.com
Mon May 18 16:48:26 UTC 2009


All cox modems have private IPs, usually 192.168.100.1 will hit your cable
modem.
I have no idea how their routing works, seems like a cluster F, but it must
be logical to someone :)


Charles




On Mon, May 18, 2009 at 11:40 AM, Dave Rowe <dave at roweware.com> wrote:

> I'm fairly dense (obviously) when it comes to networking above the core
> basics.  But, wouldn't the 'private' in private subnets imply that I
> shouldn't be able to access that?  Or even see it for that matter?  With
> the cable modem having a public IP address, does it also have a
> 'private' internal address for the Cox network?  Thus, it can map to
> those subnets because Cox has explicitly set the modems for that purpose?
>
> Phil Brutsche wrote:
> > Cox uses RFC1918 addresses for their backend stuff.
> >
> > I would say you just portscanned a bunch of Cox's equipment.
> >
> > Dave Rowe wrote:
> >> Okay, so just to play around with nmap, I tried running it with the
> >> following command:
> >>
> >> ~$ nmap -v -sP 192.168.2.0/16
> >>
> >> which, appears to have scanned the entire 192.168.* subnet (/16, not
> >> /24, whoops).  So, anyways, I started getting results back, like,
> >> 192.168.6.2 appears to be up, etc.
> >>
> >> Here's the thing, my local network is 192.168.2.*.  So, I tried going to
> >> 192.168.6.2 in a browser, and I got an authentication popup (HTTP-Auth)
> >> for "Security", clicking 'Cancel' just says 'Error Loading!!!', some
> >> number, then what appears to be a timestamp.
> >>
> >> Anyone seen something like this?  I'm on Cox, with no additional
> >> connections that I'm aware of (ie, no VPNs, etc).
> >
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>



More information about the OLUG mailing list