[Collisions] "controlled interruption" - 127/8 versus RFC1918 space

Edward Lewis ed.lewis at neustar.biz
Thu Jan 9 17:20:12 UTC 2014

On Jan 9, 2014, at 11:18, Jeff Schmidt wrote:
> While I see the value, I'm also a bit leery about injecting unexpected responses into 1918 space that could possibly be in use within the enterprise.  That may cause unintended consequences itself.

That was my concern upon initial reading.  There have been "attacks" (the details of which now I've forgotten) where RFC1918 space was the value of an A record.  A malicious (think phishing) email could cause an outsider to get a "machine behind a firewall" to talk to "another machine behind a firewall."

Forgive me if I have details wrong or if the above is yet another urban legend.  (127/8 addresses could do the same though.)

I don't mean to spread FUD, I'm trying to see if someone else recalls this (too).

Edward Lewis             
NeuStar                    You can leave a voice message at +1-571-434-5468

Why is it that people who fear government monitoring of social media are
surprised to learn that I avoid contributing to social media?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/collisions/attachments/20140109/9fba9987/attachment.htm>

More information about the Collisions mailing list