Kevin Karhan Jun 7, 2023

@sans_isc Either my #ISP's #ITsec is shit or the #DoD on 29.0.0.0/8 is just randomly try to Telnet shit...

https://mstdn.social/@kkarhan/110498415103535536

Kevin Karhan :verified: (@[email protected])

Attached: 1 image Either my ISP's #ITsec is utter garbage or I'll soon have to file criminal charges against #AS749 / #DoD Network Information Center for attempting to break into my network: https://www.gesetze-im-internet.de/stgb/__303b.html Because I'm sick of this shit! https://github.com/greyhat-academy/lists.d/blob/main/milintel.ipv4.block.list.tsv

Mastodon 🐘
Show threadSANS Internet Storm Center - SANS.edu - Go Sentinels!Jun 8, 2023
@kkarhan 29/8 is assigned to DoD, but not used on the public internet. Some ISPs, after running out of 10/8 space, started using 21/8 and 29/8 internally (sometimes referred to as "squatspace"). Blocking these IPs may have undesired effects if your ISP uses these addresses.
Show threadKevin Karhan 

@sans_isc AFAICT they don't and even if they would that would violate RFCs and make them liable to @BNetzA fines.

Speaking of shitty #CGNAT:
I should protest of them using #RFC1918 address space [10.0.0.0/8] when #RFC6598 states they must use 100.64.0.0/10 instead...

https://en.wikipedia.org/wiki/Carrier-grade_NAT
https://datatracker.ietf.org/doc/html/rfc6598

Carrier-grade NAT - Wikipedia

Jun 9, 2023 at 12:41amWeb
Show threadKevin Karhan Jun 9, 2023

@sans_isc @BNetzA AFAICT my #ISP allows bogon source IPs for no good reason.

I'll likely have to call someone at @bsi or at least them and #BNetzA amidst this shit.