[c-nsp] 1.1.1.0/24 and Cisco WLCs
Phil Mayers
p.mayers at imperial.ac.uk
Mon Mar 11 10:37:18 EDT 2013
On 11/03/13 13:42, Tony Varriale wrote:
> engineer worth their salt does not use this.
Maybe. But a lot of people *have* used it, because I've seen it when
doing webauth logins e.g. in airports, train networks, etc. And by
definition, the people unwise enough to use it are also likely to be the
people unwise enough to return and fix things up in the installations
they did.
Cisco wrote docs suggesting that people did this:
"""
Enter the IP address of the controller's virtual interface. You should
enter a fictitious, unassigned IP address, such as 1.1.1.1.
"""
http://www.cisco.com/en/US/docs/wireless/controller/2100/quick/guide/ctrl206q.html
(amongst others)
This was always terrible, very naughty advice. That sentence should have
read:
"""
You should enter an IP address from a range you control, such as public
IPs owned by your organisation or RFC 1918 space e.g. 10.1.1.1
"""
Bad cisco! Bad! No treats for you!
More information about the cisco-nsp
mailing list