Acidus wrote:
-----Original Message-----
From: First Last [mailto:c01n0p@yahoo.com]
Sent: Sunday, July 17, 2005 11:50 AM
To: pen-test@securityfocus.com
Subject: list of address that you don't want to scan

FYI...

Original site link -
http://professionalsecuritytester.com/modules.php?name=News&file=article&sid=70

IP address you should NOT scan
Posted by cdupuis on Thursday, April 01 @ 09:38:09 CST Contributed by cdupuis

The Government Security website at
http://www.governmentsecurity.org has produced a nice list of IP address you should be aware of as a tester.
They are mostly government agencies addresses and could quickly get you in trouble if you would scan them by mistake.

Click on Read More... below see the whole list

Enjoy!

Clement

--------------------------------------------------------------------------------
With kindly thanks to Mountainman, the list of dangerosly ranges is updated again!!!
-------------------------------------------------

RANGE 6
6.* - Army Information Systems Center

RANGE 7
7.*.*.* Defense Information Systems Agency, VA

RANGE 11
11.*.*.* DoD Intel Information Systems, Defense Intelligence Agency, Washington DC

RANGE 21
21. - US Defense Information Systems Agency

RANGE 22
22.* - Defense Information Systems Agency

RANGE 24
24.198.*.*

RANGE 25
25.*.*.* Royal Signals and Radar Establishment, UK

RANGE 26
26.* - Defense Information Systems Agency

RANGE 29
29.* - Defense Information Systems Agency

RANGE 30
30.* - Defense Information Systems Agency

RANGE 49
49.* - Joint Tactical Command

RANGE 50
50.* - Joint Tactical Command

RANGE 55
55.* - Army National Guard Bureau

RANGE 55
55.* - Army National Guard Bureau

RANGE 62
62.0.0.1 - 62.30.255.255 Do not scan!

RANGE 64
64.70.*.* Do not scan
64.224.* Do not Scan
64.225.* Do not scan
64.226.* Do not scan

RANGE 128
128.37.0.0 Army Yuma Proving Ground
128.38.0.0 Naval Surface Warfare Center
128.43.0.0 Defence Research Establishment-Ottawa 128.47.0.0 Army Communications Electronics Command 128.49.0.0 Naval Ocean Systems Center 128.50.0.0 Department of Defense 128.51.0.0 Department of Defense 128.56.0.0 U.S. Naval Academy 128.60.0.0 Naval Research Laboratory 128.63.0.0 Army Ballistics Research Laboratory 128.80.0.0 Army Communications Electronics Command 128.98.0.0 - 128.98.255.255 Defence Evaluation and Research Agency 128.102.0.0 NASA Ames Research Center 128.149.0.0 NASA Headquarters 128.154.0.0 NASA Wallops Flight Facility 128.155.0.0 NASA Langley Research Center 128.156.0.0 NASA Lewis Network Control Center 128.157.0.0 NASA Johnson Space Center 128.158.0.0 NASA Ames Research Center 128.159.0.0 NASA Ames Research Center 128.160.0.0 Naval Research Labor... [ Read More (4.7k in body) ]

Jello wrote:

Jesus Christ, those military ranges seem excessive. Is the Pentagon anti-NAT?

You gotta remember that as the Internet was being formed from DoD and ARPA research, that huge classes of address space were 'claimed' or appropriated by these organizations, well before today's firewalls and NAT techniques were developed to conserve address space. Chances are those class A addresses hide MANY firewalls and tens of thousands of nodes, so they probably ARE using those techniques to conserve address space. Of course, you won't be able to tell how efficient they're being since you can't scan them!

Even on the commercial side, it's rare to see someone return address space to the NIC, unless they go out of business. Even then, their ASN and address space can propagate for years before it's reclaimed and reapportioned.

I was surprised at how little foreign government's were represented in the list vis a vis the US. I would've thought that China, Russia, the UK, and even middle eastern states would have at least much more presence online, particularly with nodes that don't appreciate scanning.