[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ProgSoc] triv question



 ] On 25/11/2004, at 01:14, Christian Kent wrote:
 ] > You mean besides, you're in a job interview and this is a test 
 ] > question?

 Yerright.

 I was sitting next to someone who was wondering where all this
 traffic might be coming from, in this hypothetical network.

 Well, he knew where it was coming from, but it was the Why behind
 it that was generating the greater curiosity.

 No one (who isn't authorised) can packet sniff on that network, and
 1.1.1.1 really doesn't lead anywhere, which just adds to the mystery.

On Thu November 25 2004 02:02 am, Andrew Robert Halliday wrote:
 ] http://www.f-secure.com/v-descs/skulls.shtml

 No mention of the relevant IP address here .. but apparently one
 of the earlier blasters / sobig / etc (it's amazing how quickly you lose
 track of Win32 viruses once you stop being affected by them) used
 to go hunting for vulnerable boxes by spraying 1.1.1.1:1 and working
 its way up.

 This hypothetical situation is weird because a) it's seemingly originating
 from a number of different handsets (manufacturers, OS's, and models)
 and b) there doesn't seem to be any attempted hits at 1.1.1.1:2 or 1.1.1.2
 (which is contra-indicated by the spray-and-pray approach that malign
 software coming from that codebase would likely adopt).

 More relevantly, the skulls vulnerability that you cite appears to
 render the handset unusable.  I think if that were the case then you'd
 see a lot more interest from customers.  A dysfunctional phone is far
 more noticeable than a handful of non-itemised micropayments.

 ] And isn't 1.1.1.1 a common default IP address used by a lot of phone 
 ] peripherals and devices (or like 127.0.0.1 but for phones)?

 I'd hope not.

 1.0.0.0/8 is a perfectly valid (just seemingly unallocated) network.

 You might be thinking of 10.0.0.0/8 (?).

 But there's a strong possibility that the phone manufacturers are
 simply incompetent at writing firmware.  Nokia still can't get the
 separation of SIM from internal memory sorted out in its OS, f.e.

 Jedd.


-
You are subscribed to the progsoc mailing list. To unsubscribe, send a
message containing "unsubscribe" to progsoc-request@xxxxxxxxxxxxxxxxxxx
If you are having trouble, ask owner-progsoc@xxxxxxxxxxxxxxxxxx for help.