is it the same IPs being handed out that you guys are seeing? Youd think this would be a priority fix for them
On Sun, Mar 8, 2015 at 9:25 PM, Jeremy <[email protected]> wrote: > I also have a ticket in about this issue. > > On Sun, Mar 8, 2015 at 2:10 PM, That One Guy <[email protected]> > wrote: > >> This is known to them? (powercode) >> >> On Sun, Mar 8, 2015 at 3:00 PM, CBB - Jay Fuller < >> [email protected]> wrote: >> >>> >>> yes, they're aware of it. i pointed this out to them weeks ago. :( >>> >>> >>> ----- Original Message ----- >>> *From:* That One Guy <[email protected]> >>> *To:* [email protected] >>> *Sent:* Sunday, March 08, 2015 2:06 PM >>> *Subject:* [AFMUG] Powercode oddity - Commerzbank Ip space >>> >>> I am able to replicate a small issue we are having, trying to make the >>> decision of whether it looks like a security issue or just a bug. >>> >>> Through powercode, there are two ways to update equipment, through our >>> interface, where we select all the details and through the customer portal >>> where all the customers can do is update their MAC address. >>> >>> no problems with our end. >>> >>> However, when a customer updates their MAC address, it is assigning IP >>> space that apparently belongs to this Commerzbank IP space 208.74.54.100 >>> and 208.74.54.99. >>> >>> This IP space is absolutely not in our system, and wouldnt route >>> naturally on our network >>> >>> Net Range 208.74.52.0 - 208.74.55.255 CIDR 208.74.52.0/22 >>> Name DKIB-USA Handle NET-208-74-52-0-1 Parent NET208 (NET-208-0-0-0-0 >>> <http://whois.arin.net/rest/net/NET-208-0-0-0-0.html>) Net Type Direct >>> Assignment Origin AS Organization Commerzbank AG (COMMER-109 >>> <http://whois.arin.net/rest/org/COMMER-109.html>) >>> >>> My initial thoughts are this is some bug in powercode. >>> >>> Paranoid me is that our system is somehow compromised and rerouting >>> illegitimate traffic somehow. Customer is down, so not through them. but >>> something like TOR rerouting or some other magician script for the axis of >>> evil. >>> >>> Anybody have any ideas on this? I am debating taking our billing server >>> offline, but would hate to take such an extreme measure for what could >>> amount to nothing more than a fat finger from a programmer. >>> >>> -- >>> If you only see yourself as part of the team but you don't see your >>> team as part of yourself you have already failed as part of the team. >>> >>> >> >> >> -- >> If you only see yourself as part of the team but you don't see your team >> as part of yourself you have already failed as part of the team. >> > > -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.
