internal ip address

Glenn Steen glenn.steen at gmail.com
Thu Feb 7 09:50:26 GMT 2008


On 06/02/2008, Matt Kettler <mkettler at evi-inc.com> wrote:
> --[ UxBoD ]-- wrote:
> > Whether it be a 10 or 192 range I don't believe that private IP addresses give that much information away.
>
> Really?
>
> Do you vlan? Do you vlan based on department, building floor, or other useful
> locality? Most large networks do.
Subnetting? where did you get that mask you needed to make the base assumption?
Nowhere...

> You find out that lead sales guy x works in a particular office, then find an
> email from him archived somewhere.. then look for others in the same company
> with similar IP ranges... you now know a list of people that work together, and
> where they work. Lather, rinse, repeat.
>
> It's really not that hard once you realize most networks are logically
> structured. You're just leveraging lots of little bits of information to create
> a larger picture. This isn't really much different than what your average
> private investigator does when digging through public records.
>
> It takes time to study this kind of thing, but again, what's your threat level?
> Also consider kids (ie: those in school/college) have time in abundance, and are
> your most common hackers. Consider your competitors, they may not break in, but
> studying your business may be useful to them in trying to out-compete you.
>
'Cmon, the kids seldom know their way out of their behinds.... It's
the guys and gals making a living of this that would likely make a
dedicated effort like that.

Cheers
-- 
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se


More information about the MailScanner mailing list