post del blog

Ritorna al blog

Stupidi vs. RFC (e tutti noi) 3-0
Posted by rdo on Mer 16 Feb, 2011 18:29 CET
Questa avrebbe dovuto essere un'avventura del Sistemista Olografico d'Emergenza (C) (R) (TM) ma e' troppo grossa. L'SOE e' un programma di front-end con database diagnostico incorporato, creato per tentare di automatizzare l'assistenza tecnica presso i provider Internet. Ovvero, un personaggio pensato per presentare in forma (di solito) anonima le peggiori cazzate mai viste nei computer e nelle reti di comunicazione dei medesimi.

Le RFC (Request For Comments) sono documenti che spiegano come funzionano i protocolli di rete utilizzati in Internet, a partire dal TCP-IP stesso. La RFC 1918, in particolare, delimita le reti cosiddette private, la piu' famosa delle quali e' la 192.168.1.0; ma ce ne sono altre. Proprio per evitare sovrapposizioni (overlapping) nel connettere reti differenti (magari in VPN, sorta di connessioni punto-punto crittate che viaggiano "a cavallo" della normale Internet), anche la classe 10.0.0.0/8 e le classi da 172.16.0.0/16 a 172.31.0.0/16 sono riservate alle reti private, e vengono utilizzate in abbondanza da alcuni sysadmin che si pongono il problema. Tanto per metterci del suo, Microsoft utilizza d'abitudine anche un'altra classe, la 169.254.0.0/16, per quei PC con Windows che sono attestati su una rete senza IP statico e senza DHCP. Anche tale rete e' da intendersi come privata. Infine, tanto per aggiungere qualcosa, l'ARIN stesso ha dichiarato occupate, ma senza specificare perche' o da chi, intere classi scherzosamente note nell'ambiente come reti "martian", marziane; e finisce dritto nelle maglie dei migliori antispam chiunque le adoperi per la propria rete interna e poi pretenda di spedire posta elettronica fuori dalla propria organizzazione. Poi dicono pure che stanno finendo gli IP; ma questo e' un altro discorso.

Proprio oggi, durante un banale test nel raggiungere una destinazione oltreoceano, in un tracciamento effettuato da una connessione residenziale Telecom, ci si e' imbattuti in quanto segue.

4 r-bs48-vl19.opb.interbusiness.it (80.20.178.152) 38.285 ms 37.821 ms 36.910 ms
5 (172.17.6.133) 42.479 ms 41.098 ms 41.110 ms
6 172.17.6.89 (172.17.6.89) 41.011 ms 39.709 ms 40.640 ms
7 te1-9-1-0.milano26.mil.seabone.net (93.186.128.77) 41.792 ms 40.814 ms 41.347 ms
8 te1-1.newyork51.new.seabone.net (195.22.216.193) 135.275 ms 136.103 ms 137.727 ms


Non credendoci, si e' eseguita una scansione di quella che, a rigore, avrebbe dovuto essere una rete irraggiungibile. Ecco il risultato.

Starting Nmap 5.00 ( http://nmap.org ) at 2011-02-16 18:11 CET
Host 172.17.6.0 is up (0.17s latency).
Host 172.17.6.1 is up (0.045s latency).
Host 172.17.6.2 is up (0.046s latency).
Host 172.17.6.3 is up (0.047s latency).
Host 172.17.6.4 is up (0.047s latency).
Host 172.17.6.5 is up (0.048s latency).
Host 172.17.6.6 is up (0.052s latency).
Host 172.17.6.7 is up (0.056s latency).
Host 172.17.6.8 is up (0.056s latency).
Host 172.17.6.9 is up (0.056s latency).
Host 172.17.6.10 is up (0.058s latency).
Host 172.17.6.12 is up (0.043s latency).
Host 172.17.6.13 is up (0.043s latency).
Host 172.17.6.14 is up (0.043s latency).
Host 172.17.6.15 is up (0.043s latency).
Host 172.17.6.17 is up (0.047s latency).
Host 172.17.6.18 is up (0.048s latency).
Host 172.17.6.19 is up (0.043s latency).
Host 172.17.6.20 is up (0.043s latency).
Host 172.17.6.21 is up (0.049s latency).
Host 172.17.6.22 is up (0.050s latency).
Host 172.17.6.23 is up (0.052s latency).
Host 172.17.6.24 is up (0.055s latency).
Host 172.17.6.25 is up (0.17s latency).
Host 172.17.6.26 is up (0.041s latency).
Host 172.17.6.27 is up (0.057s latency).
Host 172.17.6.28 is up (0.057s latency).
Host 172.17.6.29 is up (0.041s latency).
Host 172.17.6.30 is up (0.17s latency).
Host 172.17.6.31 is up (0.055s latency).
Host 172.17.6.32 is up (0.067s latency).
Host 172.17.6.33 is up (0.067s latency).
Host 172.17.6.34 is up (0.056s latency).
Host 172.17.6.35 is up (0.063s latency).
Host 172.17.6.36 is up (0.064s latency).
Host 172.17.6.37 is up (0.053s latency).
Host 172.17.6.38 is up (0.053s latency).
Host 172.17.6.39 is up (0.16s latency).
Host 172.17.6.40 is up (0.16s latency).
Host 172.17.6.41 is up (0.17s latency).
Host 172.17.6.43 is up (0.17s latency).
Host 172.17.6.44 is up (0.16s latency).
Host 172.17.6.45 is up (0.17s latency).
Host 172.17.6.46 is up (0.17s latency).
Host 172.17.6.47 is up (0.14s latency).
Host 172.17.6.48 is up (0.14s latency).
Host 172.17.6.49 is up (0.14s latency).
Host 172.17.6.50 is up (0.15s latency).
Host 172.17.6.51 is up (0.065s latency).
Host 172.17.6.53 is up (0.15s latency).
Host 172.17.6.54 is up (0.15s latency).
Host 172.17.6.55 is up (0.066s latency).
Host 172.17.6.56 is up (0.058s latency).
Host 172.17.6.57 is up (0.16s latency).
Host 172.17.6.58 is up (0.16s latency).
Host 172.17.6.59 is up (0.055s latency).
Host 172.17.6.61 is up (0.16s latency).
Host 172.17.6.62 is up (0.16s latency).
Host 172.17.6.63 is up (0.056s latency).
Host 172.17.6.65 is up (0.16s latency).
Host 172.17.6.67 is up (0.066s latency).
Host 172.17.6.68 is up (0.041s latency).
Host 172.17.6.69 is up (0.16s latency).
Host 172.17.6.71 is up (0.061s latency).
Host 172.17.6.73 is up (0.16s latency).
Host 172.17.6.74 is up (0.17s latency).
Host 172.17.6.76 is up (0.046s latency).
Host 172.17.6.77 is up (0.17s latency).
Host 172.17.6.78 is up (0.17s latency).
Host 172.17.6.79 is up (0.17s latency).
Host 172.17.6.80 is up (0.18s latency).
Host 172.17.6.82 is up (0.044s latency).
Host 172.17.6.83 is up (0.18s latency).
Host 172.17.6.84 is up (0.19s latency).
Host 172.17.6.86 is up (0.062s latency).
Host 172.17.6.87 is up (0.18s latency).
Host 172.17.6.88 is up (0.18s latency).
Host 172.17.6.89 is up (0.041s latency).
Host 172.17.6.91 is up (0.18s latency).
Host 172.17.6.92 is up (0.19s latency).
Host 172.17.6.94 is up (0.049s latency).
Host 172.17.6.95 is up (0.19s latency).
Host 172.17.6.96 is up (0.19s latency).
Host 172.17.6.97 is up (0.042s latency).
Host 172.17.6.98 is up (0.15s latency).
Host 172.17.6.99 is up (0.15s latency).
Host 172.17.6.100 is up (0.043s latency).
Host 172.17.6.103 is up (0.15s latency).
Host 172.17.6.104 is up (0.15s latency).
Host 172.17.6.105 is up (0.22s latency).
Host 172.17.6.106 is up (0.15s latency).
Host 172.17.6.107 is up (0.15s latency).
Host 172.17.6.108 is up (0.054s latency).
Host 172.17.6.109 is up (0.045s latency).
Host 172.17.6.110 is up (0.043s latency).
Host 172.17.6.111 is up (0.043s latency).
Host 172.17.6.112 is up (0.045s latency).
Host 172.17.6.113 is up (0.046s latency).
Host 172.17.6.114 is up (0.049s latency).
Host 172.17.6.115 is up (0.049s latency).
Host 172.17.6.116 is up (0.050s latency).
Host 172.17.6.117 is up (0.042s latency).
Host 172.17.6.118 is up (0.052s latency).
Host 172.17.6.119 is up (0.041s latency).
Host 172.17.6.120 is up (0.15s latency).
Host 172.17.6.121 is up (0.044s latency).
Host 172.17.6.123 is up (0.15s latency).
Host 172.17.6.124 is up (0.042s latency).
Host 172.17.6.126 is up (0.15s latency).
Host 172.17.6.127 is up (0.16s latency).
Host 172.17.6.128 is up (0.13s latency).
Host 172.17.6.129 is up (0.047s latency).
Host 172.17.6.130 is up (0.043s latency).
Host 172.17.6.131 is up (0.043s latency).
Host 172.17.6.132 is up (0.039s latency).
Host 172.17.6.133 is up (0.041s latency).
Host 172.17.6.134 is up (0.039s latency).
Host 172.17.6.135 is up (0.040s latency).
Host 172.17.6.136 is up (0.039s latency).
Host 172.17.6.137 is up (0.038s latency).
Host 172.17.6.138 is up (0.039s latency).
Host 172.17.6.139 is up (0.038s latency).
Host 172.17.6.140 is up (0.040s latency).
Host 172.17.6.141 is up (0.13s latency).
Host 172.17.6.142 is up (0.040s latency).
Host 172.17.6.144 is up (0.14s latency).
Host 172.17.6.145 is up (0.084s latency).
Host 172.17.6.146 is up (0.039s latency).
Host 172.17.6.147 is up (0.14s latency).
Host 172.17.6.148 is up (0.038s latency).
Host 172.17.6.149 is up (0.040s latency).
Host 172.17.6.150 is up (0.14s latency).
Host 172.17.6.151 is up (0.067s latency).
Host 172.17.6.152 is up (0.039s latency).
Host 172.17.6.153 is up (0.047s latency).
Host 172.17.6.154 is up (0.047s latency).
Host 172.17.6.155 is up (0.14s latency).
Host 172.17.6.156 is up (0.16s latency).
Host 172.17.6.157 is up (0.064s latency).
Host 172.17.6.158 is up (0.055s latency).
Host 172.17.6.159 is up (0.062s latency).
Host 172.17.6.160 is up (0.057s latency).
Host 172.17.6.161 is up (0.056s latency).
Host 172.17.6.162 is up (0.055s latency).
Host 172.17.6.163 is up (0.060s latency).
Host 172.17.6.164 is up (0.058s latency).
Host 172.17.6.165 is up (0.16s latency).
Host 172.17.6.166 is up (0.054s latency).
Host 172.17.6.167 is up (0.054s latency).
Host 172.17.6.168 is up (0.16s latency).
Host 172.17.6.169 is up (0.056s latency).
Host 172.17.6.170 is up (0.056s latency).
Host 172.17.6.171 is up (0.055s latency).
Host 172.17.6.172 is up (0.056s latency).
Host 172.17.6.173 is up (0.055s latency).
Host 172.17.6.174 is up (0.057s latency).
Host 172.17.6.175 is up (0.17s latency).
Host 172.17.6.176 is up (0.043s latency).
Host 172.17.6.177 is up (0.041s latency).
Host 172.17.6.178 is up (0.16s latency).
Host 172.17.6.179 is up (0.042s latency).
Host 172.17.6.180 is up (0.097s latency).
Host 172.17.6.181 is up (0.040s latency).
Host 172.17.6.182 is up (0.049s latency).
Host 172.17.6.183 is up (0.099s latency).
Host 172.17.6.184 is up (0.042s latency).
Host 172.17.6.185 is up (0.043s latency).
Host 172.17.6.186 is up (0.11s latency).
Host 172.17.6.187 is up (0.10s latency).
Host 172.17.6.192 is up (0.17s latency).
Host 172.17.6.193 is up (0.11s latency).
Host 172.17.6.194 is up (0.044s latency).
Host 172.17.6.195 is up (0.046s latency).
Host 172.17.6.196 is up (0.12s latency).
Host 172.17.6.197 is up (0.047s latency).
Host 172.17.6.198 is up (0.047s latency).
Host 172.17.6.199 is up (0.046s latency).
Host 172.17.6.200 is up (0.045s latency).
Host 172.17.6.201 is up (0.17s latency).
Host 172.17.6.202 is up (0.086s latency).
Host 172.17.6.203 is up (0.047s latency).
Host 172.17.6.204 is up (0.17s latency).
Host 172.17.6.205 is up (0.18s latency).
Host 172.17.6.206 is up (0.18s latency).
Host 172.17.6.207 is up (0.085s latency).
Host 172.17.6.208 is up (0.044s latency).
Host 172.17.6.209 is up (0.043s latency).
Host 172.17.6.210 is up (0.085s latency).
Host 172.17.6.211 is up (0.088s latency).
Host 172.17.6.212 is up (0.055s latency).
Host 172.17.6.213 is up (0.19s latency).
Host 172.17.6.214 is up (0.053s latency).
Host 172.17.6.215 is up (0.049s latency).
Host 172.17.6.216 is up (0.20s latency).
Host 172.17.6.217 is up (0.051s latency).
Host 172.17.6.218 is up (0.049s latency).
Host 172.17.6.219 is up (0.055s latency).
Host 172.17.6.220 is up (0.050s latency).
Host 172.17.6.221 is up (0.050s latency).
Host 172.17.6.222 is up (0.051s latency).
Host 172.17.6.223 is up (0.051s latency).
Host 172.17.6.224 is up (0.051s latency).
Host 172.17.6.225 is up (0.051s latency).
Host 172.17.6.226 is up (0.052s latency).
Host 172.17.6.227 is up (0.19s latency).
Host 172.17.6.228 is up (0.041s latency).
Host 172.17.6.229 is up (0.041s latency).
Host 172.17.6.230 is up (0.19s latency).
Host 172.17.6.231 is up (0.041s latency).
Host 172.17.6.232 is up (0.039s latency).
Host 172.17.6.233 is up (0.18s latency).
Host 172.17.6.234 is up (0.039s latency).
Host 172.17.6.235 is up (0.039s latency).
Host 172.17.6.236 is up (0.20s latency).
Host 172.17.6.237 is up (0.049s latency).
Host 172.17.6.238 is up (0.048s latency).
Host 172.17.6.239 is up (0.050s latency).
Host 172.17.6.240 is up (0.049s latency).
Host 172.17.6.241 is up (0.20s latency).
Host 172.17.6.242 is up (0.048s latency).
Host 172.17.6.243 is up (0.050s latency).
Host 172.17.6.244 is up (0.20s latency).
Host 172.17.6.245 is up (0.052s latency).
Host 172.17.6.246 is up (0.048s latency).
Host 172.17.6.247 is up (0.050s latency).
Host 172.17.6.248 is up (0.050s latency).
Host 172.17.6.249 is up (0.047s latency).
Host 172.17.6.250 is up (0.047s latency).
Host 172.17.6.251 is up (0.046s latency).
Host 172.17.6.252 is up (0.048s latency).
Host 172.17.6.253 is up (0.049s latency).
Host 172.17.6.254 is up (0.047s latency).
Host 172.17.6.255 is up (0.048s latency).
Nmap done: 256 IP addresses (233 hosts up) scanned in 16.45 seconds



Ora, la domanda da un milione di dollari: STIAMO SCHERZANDO, VERO? Passi se e' il sysadmin inesperto di turno a creare reti con indirizzi a caso nell'infrastruttura privata di una PMI (negli ultimi dieci anni si e' visto di tutto: 128.0.0.0/24, 192.0.0.0/24); ma qui si sta parlando di gestori di telecomunicazioni, mica bruscolini. Qui, le sole due possibilita' sono che ad aver clamorosamente sbagliato (o ad aver sconfigurato per benino qualche firewall) possa essere stata Telecom Italia oppure il gestore della parte italiana di SeaBone. Scusate se e' poco.

Permalink: tiki-view_blog_post.php?blogId=5&postId=2869