South Korea Backtracks On China As Source of Cyberattack 125
hackingbear writes "The suspected cyberattack that struck South Korean banks and media companies this week didn't originate from a Chinese IP address, South Korean officials said Friday, contradicting their previous claim. The Korea Communications Commission said that after 'detailed analysis,' the IP address used in the attack is the bank's internal IP address — which is, coincidentally identical to a Chinese ISP's address, among the 2^32 address space available."
Re:Hanlon's (Score:5, Informative)
Define Exhausted all private Address space?
In just the 10 block alone there are 16,777,216. This bank isn't that big.
Re:Hanlon's (Score:4, Informative)
its RFC 1918...
They will grab your geek card on the way out.
Re:Hanlon's (Score:3, Informative)
With IPV6 you would be using your own public address internally, perfectly legitimate and no problem. The problem here is using someone elses public address internally. Among the minor gotchas, it becomes hard for your internal users to reach that external site, should they ever need to.
Should you inadvertently start to advertise someone elses IP address to your ISP, they will probably and quite correctly shut you down.
anonymous CCNP!
Re:Hanlon's (Score:5, Informative)
Until a couple years ago, it was common practice to squat on 1.0.0.0/8 for internal use when 10.0.0.0/8 ran out. Then IANA allocated the space to APNIC which subsequently allocated most of it to China.