[olug] nmap paranoia

Dave Rowe dave at roweware.com
Mon May 18 16:40:53 UTC 2009

I'm fairly dense (obviously) when it comes to networking above the core 
basics.  But, wouldn't the 'private' in private subnets imply that I 
shouldn't be able to access that?  Or even see it for that matter?  With 
the cable modem having a public IP address, does it also have a 
'private' internal address for the Cox network?  Thus, it can map to 
those subnets because Cox has explicitly set the modems for that purpose?

Phil Brutsche wrote:
> Cox uses RFC1918 addresses for their backend stuff.
> I would say you just portscanned a bunch of Cox's equipment.
> Dave Rowe wrote:
>> Okay, so just to play around with nmap, I tried running it with the 
>> following command:
>> ~$ nmap -v -sP
>> which, appears to have scanned the entire 192.168.* subnet (/16, not 
>> /24, whoops).  So, anyways, I started getting results back, like, 
>> appears to be up, etc.
>> Here's the thing, my local network is 192.168.2.*.  So, I tried going to 
>> in a browser, and I got an authentication popup (HTTP-Auth) 
>> for "Security", clicking 'Cancel' just says 'Error Loading!!!', some 
>> number, then what appears to be a timestamp.
>> Anyone seen something like this?  I'm on Cox, with no additional 
>> connections that I'm aware of (ie, no VPNs, etc).

More information about the OLUG mailing list