dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
26
share rss forum feed


mmainprize

join:2001-12-06
Houghton Lake, MI
Reviews:
·Charter

1 recommendation

reply to passedout

Re: IP spoofing

The 10.x.x.x address are private address
»en.wikipedia.org/wiki/Private_network

So there are not routeable, that means they can not be passed through NAT or routers or over the internet. So they have to be trying to connect direct to your LAN side of the router.
Check your router logs for "Login Successfully" messages.

Here is some info on Spoofing
»www.cisco.com/web/about/ac123/ac···ing.html


tschmidt
Premium,MVM
join:2000-11-12
Milford, NH
kudos:9
Reviews:
·G4 Communications
·Fairpoint Commun..
·Hollis Hosting

1 recommendation

said by mmainprize:

The 10.x.x.x address are private address ...
So there are not routeable, that means they can not be passed through NAT or routers or over the internet.

Just to nitpick a little that is not precisely correct.

RFC-1918 private IP addresses are guaranteed not to be assigned to an Internet host and can be used and reused multiple times. There is nothing that prevents them from being routed from one network to another.

NAT will cheerfully translate one set of private addresses used on the LAN to another on the WAN.

1) It is not uncommon for ISPs to use private IP addresses for some of their internal routers. In that case since residential customers typically have a bridged rather then routed connection the customer is on the ISPs LAN. This is a controversial practice and discouraged but not prohibited.

»tools.ietf.org/html/rfc6752

2) There are also some ISPs that give customers private IP addresses rather then public. This is not all that common in the US but occurs internationally due to the IPv4 address shortage.

3) You can prove this to yourself by putting another NAT router on your LAN. Devices behind this router will work just fine.

What should happen is ISP routing should refused to route these addresses, or APIPA for that matter if they are not used internally by the ISP and occur off network (i.e. originate from the Internet).

And now back to our regularity scheduled program

/tom


mmainprize

join:2001-12-06
Houghton Lake, MI
Reviews:
·Charter
said by tschmidt:

said by mmainprize:

The 10.x.x.x address are private address ...
So there are not routeable, that means they can not be passed through NAT or routers or over the internet.

Just to nitpick a little that is not precisely correct.

/tom

I agree, i should of said Not Routeable onto the internet.

That is what NAT does is change the request from the Lan (private address, non internet routeable) to the Wan (Internet Address, internet routable)


mmainprize

join:2001-12-06
Houghton Lake, MI
Reviews:
·Charter
reply to tschmidt
said by tschmidt:

said by mmainprize:

The 10.x.x.x address are private address ...
So there are not routeable, that means they can not be passed through NAT or routers or over the internet.

Just to nitpick a little that is not precisely correct.

/tom

I agree, i should of said Not Routeable onto the internet.

That is what NAT does is change the request from the Lan (private address, non internet routeable) to the Wan (Internet Address, internet routeable)


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:12
Reviews:
·SONIC.NET
·Pacific Bell - SBC

1 recommendation

said by mmainprize:

That is what NAT does is change the request from the Lan (private address, non internet routeable) to the Wan (Internet Address, internet routeable)

For years I ran a NAT router which had a private IP address on the WAN port. NAT changes between IPv4 on the WAN and IPv4 on the LAN. It doesn't know private from public.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum