[Dshield] @home users: ICMP echo: 192.168.3.141 ?

John Hardin johnh at aproposretail.com
Tue May 29 20:36:56 GMT 2001


BarkerJr wrote:
>
> Tracing route to 192.168.3.141 over a maximum of 30 hops

192.168.x.x is a reserved-for-private-use netblock. Any traceroute
you try on it will be totally useless.

Your ISP should be blocking the following networks (both source and
destination) at their backbone feeds and on internal routers. Contact
your ISP and complain - you might even get results if they're
clueful...

        192.168.0.0/24

        172.16.0.0/12

        10.0.0.0/8

        127.0.0.0/8     (<- loopback, should never be "on the wire")

If they whinge about performance, tell them eight rules (or four rules
and four routes) aren't a big deal, and they should obey the RFCs and
also be good network citizens, as this is useful in DDoS prevention.

Personally I get a kick out of somebody scanning me from a
reserved-private network address. Nothing shouts SCRIPT KIDDIE L33T
HAX0R WANNABE louder than that... "You can't even configure your own
flippin' network connection and you think you're going to crack *me*?"

:)

--
John Hardin                                   <johnh at aproposretail.com>
Internal Systems Administrator                    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
-----------------------------------------------------------------------
 6 days until A2K++ session 2 begins




More information about the list mailing list