2011/9/8 Atıf CEYLAN <[email protected]>:
> Merhabalar,
> son zamanlarda neredeyse kesintisiz ddos aliyoruz. Ancak ilgimi ceken bir
> konu var. Saldirganlardan bir bolumunu, GSM operatorlarinin /16 networkleri
> icindeki yuzlerce ip adresleri olusturuyor. gsm operatorleri ip adreslerini
> neye gore dagitiyorlar? Elimdeki bilgi, birbirlerine yakin bolgedeki
> saldirganlari mi verir? (cografi veritabanlarindan malesef sadece
> sehirlerine ulasabiliyorum.)

Hello Atıf

Firstly, I apologize for responding in English..

If you think you are receiving malicious traffic from a Kirmizi GSM
operator, please contact me privately and I will see if I can help
you..

To answer your question, GSM "packet" networks are managed by one or
more access servers called a GGSN (See
http://code.peternixon.net/packetdata/wiki/GGSN ) which are quite
similar to the BRAS run by DSL operators, although GGSNs obviously
have extra GSM specific intelligence. Operators usually have only a
few GGSNs for a country like Turkey (less than 20) which means that
each GGSN typically has several hundred thousand active sessions and
therefore serves several /16 IP blocks. This means that under normal
circumstances all subscribers on the same /16 IP block will be from
the same region or city, but from an IP perspective the exact location
on the radio network is unimportant and a subscriber from Izmit may
have an IP address next to a subscriber from Gunesli. It is even
possible for a subscriber from Ankara to drive to Istanbul and still
be connected to the Ankara GGSN and there using an IP from the Ankara
IP pool, and access the internet via the Ankara internet router...

I hope this helps explain things

Regads

--
Peter Nixon
http://peternixon.net/

"Normal people believe that if it ain't broke, don't fix it. Engineers
believe that if it ain't broke, it doesn't have enough features yet"
Scott Adams
_______________________________________________
Linux-guvenlik mailing list
[email protected]
https://liste.linux.org.tr/mailman/listinfo/linux-guvenlik
Liste kurallari: http://liste.linux.org.tr/kurallar.php

Cevap