Please excuse my ignorance on this and note that I am not condoning the hijacking of IP address space. As long as necessary precautions are taken (route filters, tunnels, VRF's) shouldn't this be technically feasible without any negative ramifications? These 7-NET address seem to be assigned to the modem itself, but surely they aren't what the customer sees at thier WAN IP address right? So as long as the modem is configured to send ALL traffic, regardless of destination address (could be a 7NET dst) over a GRE tunnel to some aggregation point via its acquired 7-net address and all routers were to keep the 7net on a separate VRF, shouldn't they be able to avoid any IP collisions? Couldn't you theoretically use anyone's IP space, advertised or not, for this internal transit? I'm not saying it's a good idea, it's certainly more complex which leads to its own issues, but shouldn't it be possible? -Jeremy On Tue, May 24, 2011 at 9:50 PM, Steven Bellovin <smb@cs.columbia.edu>wrote:
On May 24, 2011, at 9:29 06PM, Jay Ashworth wrote:
----- Original Message -----
From: "Jimmy Hess" <mysidia@gmail.com>
On Tue, May 24, 2011 at 4:34 PM, <Vinny_Abello@dell.com> wrote:
I think those within the organization that deploy those vehicles or are Navy SEALs might sit at different lunch tables than the guys worried about IP address collisions. ;-)
The F/A-18 Hornets, F/A-22 Raptors are well, and good, but that's old technology The folks in charge of the MQ-1 predator drones might sit closer to the guys worried about the IP addresses.
And automated drone strikes can always be blamed on a malfunction caused by the hijacking
If packets that control armed drones cross any router that has access even to SIPRnet, much less the Internet, someone's getting relieved.
http://www.eweek.com/c/a/Security/Militants-Hack-Unencrypted-Drone-Feeds-477...
--Steve Bellovin, https://www.cs.columbia.edu/~smb