[colug-432] bad.horse
William Yang
wyang at gcfn.net
Tue Sep 29 09:23:01 EDT 2015
On 09/26/2015 01:40 AM, Rob Stampfli wrote:
> Lifted from the YinYue list, where some of you may have already seen it,
> but if not:
>
> $ traceroute -m 60 bad.horse
>
> (It took someone a lot of resources to pull this one off!)
Technically, it did take some planning, but not all that many resources.
It required that there be an IP interconnect range with enough available
IPs between at least two adjacent routers, and DNS control of the reverse
DNS domain name, which would normally come with the IP range allocation in
moderately sized commercial and carrier grade spaces.
I'm not belittling this, because it's both creative and fun, but it's not a
particularly *difficult* task. There's work involved, but not many
resources.
The bad.horse example was run in 16 IP addresses in the 162.252.205.0/26
range, which is part of a larger allocation (162.252.204.0/22) to
"Sandwich.net," a hosting and Internet services provider in Minneapolis.
It also required getting the 'bad.horse' domain name registration from the
new .HORSE registry operated by minds+machines (www.nic.horse).
I don't see how to get the date/time from the link provided by Bill Baker,
which is what I'd need to look up historical range allocation data, but the
address space involved there has been allocated to Epik networks in Toronto
(epikip.net) since 2010... which makes it seem likely that they were the
ones behind the New Hope runner.
-Bill
--
William Yang
wyang at gcfn.net
More information about the colug-432
mailing list