IP Jacking : My experience / story / testing

[HaitiBrother]

So, you're probably already aware of the ability to jack IP's, if not, you should read this.

This is my personal testing on the theory behind this. I first set-up a dedicated server in the Netherlands, installed OVZ on it, spun on a Debian server, put the IP address on it, then I spun on another OVZ with Debian on it, assigned a different IP, then I created a new network adapter (virtual), assigned it the one IP I wanted to jack, it worked, I was able to use that IP address.

So, I thought, let's try something different, I spun up another Debian, this time I selected DHCP for the IP setting, and I was able to jack an IP address that wasn't even in my network block, it just found this IP laying there, took it and was able to be used.

Might just be me, but when I saw that I thought it was funny, because imagine how much stuff you can do in my second example with DHCP where it takes a real IP address that you don't own.

 

[KuJoe]

VLANs FTW.

 

[coreyman]

This sounds like it was too easy for you...

 

[blergh]

I thought slapping each box on their own VLAN was common sense, i suppose not?

 

[rds100]

If the DC doesn't put each customer on their own VLAN, they fully deserve all the potential problems they could get.

We even put each Raspberry Pi in a separate VLAN.

 

[OffshoreBox]

Which DC was this?

 

[peterw]

Wow you hacked their network by using their DHCP. They should get slapped for not using vlans.

 

[HaitiBrother]

For those wondering, the datacenter was Serverius

 

[Taronyu]

For those wondering, the datacenter was Serverius

Why doesn't this suprise me. Serverius is one of the budget DC's around here.


Send from my Galaxy S3

 

[AuroraZero]

Why doesn't this suprise me. Serverius is one of the budget DC's around here.


Send from my Galaxy S3

This makes a difference why? How does this effect the fact that they should be following the correct security measures?

Just because a company is a budget provider should not make a difference at all. I am sorry but this is really starting to piss me off lately. People bitching and complaining about things getting hacked and screwed up, but then on the same hand not wanting to take the entra few steps to secure the things they need to do themseleves.

So what if it takes two extra steps for you to get into your container. Better that then to lose all your data.

Moral of the story if you do not know how to do it yourself, hire someone who does and then do not disable what they do to protect you and leave it alone.

Sorry guys I will end my rant now and go back into hiding.

 

[BrianHarrison]

This makes a difference why? How does this effect the fact that they should be following the correct security measures?

Taronyu is saying he's not surprised -- he's not implying that being a budget datacenter is a valid excuse.

 

[Tom_WebhostingUK LTD]

Seems to be a tough job for hacking network. Haven't they recognized yet?