Re: IP address allocation

From: Justin Pryzby (justinpryzby_at_users.sf.net)
Date: 08/01/03

  • Next message: Dozal, Tim: "RE: Cisco Workaround"
    Date: Thu, 31 Jul 2003 15:30:33 -0700
    To: Terry <tech@futurecourse.com>, security-basics@securityfocus.com
    
    

    Not sure if this is understood or not. If someone wanted to hijack that
    ipi address, they would have to control a computer on the same network
    as that ip address. Otherwise packets they wanted to receive (to the
    hijacked address) would go to the wrong network. With TCP, that means
    they cannot even initiate a connection. But yes, one can easily spoof
    an ipaddress on a shared network.

    Justin
    On Fri, Aug 01, 2003 at 01:04:03AM +0000, Terry wrote:
    > Right, and this is the basis for my question. What are the security
    > implications of having DNS records for unused IPs? What if someone
    > hijacked that unused addy and put a machine up on the net with it and
    > served up pirated music or worse? Won't someone be able to then
    > access the machine by using that domain name and making things easier?
    > How would you track that if it was someone doing something illegal? I
    > realize that there are many ways to spoof things, manipulate the
    > system, etc., but it just seems to me that this practice makes it that
    > much easier for the bad guys. And I've also got questions about the
    > liability. It's our address. Who's responsible for any illegal
    > activities? Is there such a thing as 'securing' your unused IP
    > addresses?

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------


  • Next message: Dozal, Tim: "RE: Cisco Workaround"