Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Gary Baribault (garybaribault.net)
Date: Fri May 17 2013 - 15:50:26 CDT
From a security standpoint, I agree with you, but whether their using
public or private IPs the problem is the same, but this was a routing
question .. and I see no problem with their using 'private' IPs on their
'inside' routing gear so long as they give me a routable public IP on my
GPG Key: 0x685430d1
Fingerprint: 9E4D 1B7C CB9F 9239 11D9 71C3 6C35 C6B7 6854 30D1
On 05/17/2013 04:37 PM, sec wrote:
> On 2013-05-17 16:17:35 (-0400), Gary Baribault wrote:
>> The only problem is that anyone on a cable modem could access their
>> 10.x.x.x/8 address space and frankly who cares.
> Me, if they're still not signing (much less encrypting) packets on the
> local loop, and continuing to wish real hard that no one builds serial
> or other debug ports---or board headers for same---into "certified"
> cable modems.
> I have a Verizon Wireless femtocell with what looks like an HDMI port
> on the bottom, but *probably* isn't. I've been afraid to experiment,
> for fear of what I'd find. Embedded device security continues to amuse
> / terrify.
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/