Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
If you have some interesting news or want to throw up a link to discuss it, here's the place. Anything is okay, even shameless vendor launches (since that is often applicable to what we work on). 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Weird Trace Routes
Posted by: ron_johnson
Date: February 15, 2008 05:06PM

I have an issue that I would like some feedback on.

I have a few clients who use Cox as their ISP. While on their network I can ping multiple addresses in the 10.0.x.x range and get a response. When I perform a trace I will get 3-5 hops before reaching the destination. All of the hops are addresses owned by Cox.

Has anyone seen this before? Does anyone know why they have the routes back to their internal network?

If you need, I have a more detailed account at http://onsecurity.wordpress.com/2008/02/15/cox-communications-customers-beware/

I would love to hear some other thoughts as to what could be going on. I am totally confused as to why they are doing this and it would be interesting to see if there is anything to be discovered on the other side of the network.

Ron

Options: ReplyQuote
Re: Weird Trace Routes
Posted by: thrill
Date: February 15, 2008 05:45PM

This behavior's been around for a while. The reason this is done is because large providers do not want to use public IP addresses for internal routers. So they set up their routers with RFC1918 addresses to minimize the number of public IPs they use. Internally they may run something like OSPF, and on their border routers BGP. You are probably connected to a border router, but still need to go through internal networks to reach your destination, and so, you end up seeing 10.x addresses while tracerouting.

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: Weird Trace Routes
Posted by: ron_johnson
Date: February 15, 2008 08:36PM

Thanks for the answer! I definitely do not know enough about the networking side of things and routing protocols confuse me. I guess its time to start beefing up the networking skills...

Options: ReplyQuote
Re: Weird Trace Routes
Posted by: thrill
Date: February 15, 2008 10:52PM

Networking is not hard.. at times it can seem like a lot of information to retain, but after a little reading it becomes easier. I wrote a little tutorial for netmasking that might be of aid to you, it is Here.

Edit: I forgot to mention, the reason I posted the link above is because until I got my head around netmasking/bitmasking, I didn't quite understand IP routing. Once I learned the basics of it however, it became quite a bit easier to understand, and routing protocols made a lot more sense.

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill



Edited 1 time(s). Last edit at 02/16/2008 12:21PM by thrill.

Options: ReplyQuote


Sorry, only registered users may post in this forum.