Can you replicate it yourself? Sounds like a bug to me if it happens on one form but not the other (be it portal form VS admin equipment editing form).
Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Sun, Mar 8, 2015 at 3:06 PM, That One Guy <[email protected]> wrote: > I am able to replicate a small issue we are having, trying to make the > decision of whether it looks like a security issue or just a bug. > > Through powercode, there are two ways to update equipment, through our > interface, where we select all the details and through the customer portal > where all the customers can do is update their MAC address. > > no problems with our end. > > However, when a customer updates their MAC address, it is assigning IP > space that apparently belongs to this Commerzbank IP space 208.74.54.100 > and 208.74.54.99. > > This IP space is absolutely not in our system, and wouldnt route naturally > on our network > > Net Range208.74.52.0 - 208.74.55.255CIDR208.74.52.0/22 > NameDKIB-USAHandleNET-208-74-52-0-1ParentNET208 (NET-208-0-0-0-0 > <http://whois.arin.net/rest/net/NET-208-0-0-0-0.html>)Net TypeDirect > AssignmentOrigin ASOrganizationCommerzbank AG (COMMER-109 > <http://whois.arin.net/rest/org/COMMER-109.html>) > > My initial thoughts are this is some bug in powercode. > > Paranoid me is that our system is somehow compromised and rerouting > illegitimate traffic somehow. Customer is down, so not through them. but > something like TOR rerouting or some other magician script for the axis of > evil. > > Anybody have any ideas on this? I am debating taking our billing server > offline, but would hate to take such an extreme measure for what could > amount to nothing more than a fat finger from a programmer. > > -- > If you only see yourself as part of the team but you don't see your team > as part of yourself you have already failed as part of the team. >
