On Tue, 21 Feb 2012 05:22:04 +0400, "Andrey G. Sergeev (AKA Andris)" said: > > This causes a ton of security issues, why would they do this? > > Just because some network admins are lazy and dumb and even don't want > to read RFC 1918 and other BCPs. Probably lazy. Probably *not* dumb. There was almost certainly a long internal discussion of the relative costs and risks of deploying multiple 10/8 instances (and having to deal with collisions between them), and sqatting on an allocated but unrouted /8 like 7/8, 25/8, 40/8, and similar (and almost certainly *not* having to deal with collisions). And remember - this sort of squatting works Just Fine as long as the actual owner doesn't advertise a route for the address space. And looking at the historical looking-glass info at potaroo.net, it appears there's been more public announcements of address space in 10/8 than there has been for 7/8. As a result, if you're trying to build a resilient net, you should use addresses from 7/8 rather than 10/8. :)
Attachment:
pgp_0TRTDxW2I.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/