[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ProgSoc] triv question
] On 25/11/2004, at 01:14, Christian Kent wrote:
] > You mean besides, you're in a job interview and this is a test
] > question?
Yerright.
I was sitting next to someone who was wondering where all this
traffic might be coming from, in this hypothetical network.
Well, he knew where it was coming from, but it was the Why behind
it that was generating the greater curiosity.
No one (who isn't authorised) can packet sniff on that network, and
1.1.1.1 really doesn't lead anywhere, which just adds to the mystery.
On Thu November 25 2004 02:02 am, Andrew Robert Halliday wrote:
] http://www.f-secure.com/v-descs/skulls.shtml
No mention of the relevant IP address here .. but apparently one
of the earlier blasters / sobig / etc (it's amazing how quickly you lose
track of Win32 viruses once you stop being affected by them) used
to go hunting for vulnerable boxes by spraying 1.1.1.1:1 and working
its way up.
This hypothetical situation is weird because a) it's seemingly originating
from a number of different handsets (manufacturers, OS's, and models)
and b) there doesn't seem to be any attempted hits at 1.1.1.1:2 or 1.1.1.2
(which is contra-indicated by the spray-and-pray approach that malign
software coming from that codebase would likely adopt).
More relevantly, the skulls vulnerability that you cite appears to
render the handset unusable. I think if that were the case then you'd
see a lot more interest from customers. A dysfunctional phone is far
more noticeable than a handful of non-itemised micropayments.
] And isn't 1.1.1.1 a common default IP address used by a lot of phone
] peripherals and devices (or like 127.0.0.1 but for phones)?
I'd hope not.
1.0.0.0/8 is a perfectly valid (just seemingly unallocated) network.
You might be thinking of 10.0.0.0/8 (?).
But there's a strong possibility that the phone manufacturers are
simply incompetent at writing firmware. Nokia still can't get the
separation of SIM from internal memory sorted out in its OS, f.e.
Jedd.
-
You are subscribed to the progsoc mailing list. To unsubscribe, send a
message containing "unsubscribe" to progsoc-request@xxxxxxxxxxxxxxxxxxx
If you are having trouble, ask owner-progsoc@xxxxxxxxxxxxxxxxxx for help.