dslreports logo
    All Forums Hot Topics Gallery


how-to block ads

Search Topic:
share rss forum feed

Milford, NH
·Hollis Hosting
·G4 Communications

1 recommendation

reply to grasmussen

Re: Questionable IP address outside service provider's gateway

said by grasmussen:

Is it possible that someone could be scanning traffic through this 192.168.x.x hop for the purpose of recording private info such as online bank account information?

Not sure what you mean by "scanning traffic." There is nothing special about the Private Address blocks. If this was something nefarious why would the attacker make it so obvious? If this was a CALEA tap you would never see it.

The and IPs belong to Fibernet. Looks like Hop 5 is the interface between your ISP and wholesale ISP Fibernet.

Likewise on my traceroute is Fibernet.

KISS - keep it simple stupid - Your ISP is using private IPs for routers within their network - nothing wrong with that. Using private IPs and exposing them to the Internet - a big no no. I should not be able to see hop 17 on my traceroute As mentioned the fact you can see and is normal since you are internal to the ISP's network

The choice of particular private IP address block is unusual in that most home routers also use the 192.168/16 block making collision with customer LAN address more likely. Remember the benefit of Private Addresses is that the block can be used multiple times by multiple entities. However each user must keep the block hidden from the Internet.

If you are interested in the gory details of the side effects of using Private IPs within ISP core, RFC 6752 discusses the issue. I found it interesting reading. I had not paid much attention to the down side until I responded to your problem. BTW I am not an ISP nor do I play one on TV so this is new territory for me.