[olug] nmap paranoia
Dave Rowe
dave at roweware.com
Mon May 18 16:40:53 UTC 2009
I'm fairly dense (obviously) when it comes to networking above the core
basics. But, wouldn't the 'private' in private subnets imply that I
shouldn't be able to access that? Or even see it for that matter? With
the cable modem having a public IP address, does it also have a
'private' internal address for the Cox network? Thus, it can map to
those subnets because Cox has explicitly set the modems for that purpose?
Phil Brutsche wrote:
> Cox uses RFC1918 addresses for their backend stuff.
>
> I would say you just portscanned a bunch of Cox's equipment.
>
> Dave Rowe wrote:
>> Okay, so just to play around with nmap, I tried running it with the
>> following command:
>>
>> ~$ nmap -v -sP 192.168.2.0/16
>>
>> which, appears to have scanned the entire 192.168.* subnet (/16, not
>> /24, whoops). So, anyways, I started getting results back, like,
>> 192.168.6.2 appears to be up, etc.
>>
>> Here's the thing, my local network is 192.168.2.*. So, I tried going to
>> 192.168.6.2 in a browser, and I got an authentication popup (HTTP-Auth)
>> for "Security", clicking 'Cancel' just says 'Error Loading!!!', some
>> number, then what appears to be a timestamp.
>>
>> Anyone seen something like this? I'm on Cox, with no additional
>> connections that I'm aware of (ie, no VPNs, etc).
>
More information about the OLUG
mailing list