Popular Internal IP Addressing Scheme Could Leave Enterprises Vulnerable

A popular method of saving IP address space in enterprise networks could expose businesses to hackers who might use it to interrupt service or steal data, a well-known security researcher said.

Robert Hansen (a.k.a. "RSnake") discussed the newly discovered vulnerabilities in a blog published Saturday and in presentations in Las Vegas and Sweden last week. Hansen and other security experts advised enterprises to move swiftly to mitigate the possibility of attacks that exploit the flaws.

In a nutshell, Hansen is warning enterprises about the use of "nonroutable" IP addresses, particularly as described in the Internet Engineering Task Force's RFC 1918 standard. These addresses, sometimes called "private IP addresses," are frequently used in corporate networks to name systems and devices that are used only internally and have no need to be routed over the Internet. RFC 1918 is used widely in large enterprise networks, where an organization may need to preserve a finite number of public IP addresses.

