Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
The Internet Government Security The Military United States

Millions of the Pentagon's Dormant IP Addresses Have Mysteriously Sprung to Life (msn.com) 82

"Just before the end of the Trump administration, an obscure Florida company began announcing routes to IP addresses owned by the Pentagon," writes long-time Slashdot reader whoever57. The Washington Post calls it "a huge unused swath of the Internet that, for several decades, had been owned by the U.S. military." What happened next was stranger still. The company, Global Resource Systems LLC, kept adding to its zone of control. Soon it had claimed 56 million IP addresses owned by the Pentagon. Three months later, the total was nearly 175 million. That's almost 6 percent of a coveted traditional section of Internet real estate — called IPv4 — where such large chunks are worth billions of dollars on the open market... "They are now announcing more address space than anything ever in the history of the Internet," said Doug Madory, director of Internet analysis for Kentik, a network monitoring company, who was among those trying to figure out what was happening...

The change is the handiwork of an elite Pentagon unit known as the Defense Digital Service, which reports directly to the secretary of defense. The DDS bills itself as a "SWAT team of nerds" tasked with solving emergency problems for the department and conducting experimental work to make big technological leaps for the military... Brett Goldstein, the DDS's director, said in a statement that his unit had authorized a "pilot effort" publicizing the IP space owned by the Pentagon. "This pilot will assess, evaluate and prevent unauthorized use of DoD IP address space," Goldstein said. "Additionally, this pilot may identify potential vulnerabilities...."

The specifics of what the effort is trying to achieve remain unclear... What is clear, however, is the Global Resource Systems announcements directed a fire hose of Internet traffic toward the Defense Department addresses...

Russell Goemaere, a spokesman for the Defense Department, confirmed in a statement to The Washington Post that the Pentagon still owns all the IP address space and hadn't sold any of it to a private party.

This discussion has been archived. No new comments can be posted.

Millions of the Pentagon's Dormant IP Addresses Have Mysteriously Sprung to Life

Comments Filter:
  • Obviously... (Score:2, Interesting)

    by Anonymous Coward
    It's gearing up for a massive DDoS on the civilians!
    • It's gearing up for a massive DDoS on the civilians!

      "a huge unused swath of the Internet that, for several decades, had been owned by the U.S. military."

      With what? A massive army of...Win95 machines?

      (Knowing government spending, there's a shiny new GateWay 2000 on the ass end of half that IP space.)

      • With what? A massive army of...Win95 machines?

        You joke, but ...

      • With what? A massive army of...Win95 machines?

        You do realize that the Internet, and with it IPv4 addresses pre-date Win95, right?

        Unfortunately, in the early days, massive blocks were handed out. Among others, Sun Microsystems used to have (and Oracle may still have) some massive blocks and wasted them on their internal networks. In fact, I think that Sun used to do training in which they instructed people to use the Sun IP addresses as private IP addresses (like RFC 1918 addresses).

        • by retchdog ( 1319261 ) on Saturday April 24, 2021 @10:47PM (#61310612) Journal

          can you imagine how bad the internet would be if the government ran it?! thank god it was Sun Microsystems.

        • Re:Obviously... (Score:4, Informative)

          by quenda ( 644621 ) on Saturday April 24, 2021 @11:06PM (#61310642)

          Unfortunately, in the early days, massive blocks were handed out. Among others, Sun Microsystems used to have (and Oracle may still have) some massive blocks and wasted them on their internal networks.

          Back then TCP/IP was just a temporary thing that would soon be replaced by a "proper" OSI protocol stack. Nobody expected every man and his fridge to use TCP/IP.

        • Re:Obviously... (Score:4, Informative)

          by tlhIngan ( 30335 ) <slashdotNO@SPAMworf.net> on Sunday April 25, 2021 @02:47AM (#61310968)

          Unfortunately, in the early days, massive blocks were handed out. Among others, Sun Microsystems used to have (and Oracle may still have) some massive blocks and wasted them on their internal networks. In fact, I think that Sun used to do training in which they instructed people to use the Sun IP addresses as private IP addresses (like RFC 1918 addresses).

          They were handed out because the Class A/B/C system wasn't granular enough. Class C was only useful for small businesses with 254 addresses, so a medium sized business with say, 300 employees would need a Class B. This results in a lot of companies getting a class B because they couldn't fit in a Class C.

          And larger organizations still, like Sun, Apple, etc, they were handed Class A's because they couldn't fit in a Class B.

          Waste was huge - 254 addresses work for a small company, but if you need 255 or more, suddenly you got a Class B even though you don't need all 65534 addresses. You can bet a lot of companies that had a class B only really needed between 1000-10,000 addresses.

          And big companies got 15.7M addresses, even if all they had was 100,000 computers they wanted to connect.

          Of course, these days, CIDR and enhanced routers means you can have finer grained allocations, but also multiple allocations in different subnets. If you have a /24 and need another handful of addresses, you might get a /28 or something to add on.

          But back when you only had the choice of /8, /16 or /24, the system wasn't so flexible. And routers weren't as good so you got a contiguous allocation to simplify the global routing table. If you were an ISP, think of your customers. If you're an ultra tiny ISP, you might fit in a Class C. If you serve maybe a small town or city, a Class B would work. But if you serve several cities of maybe a million people, you'd have to get a Class A. There's just a huge jump between 254 to 65534, and 65534 to 16.7 million.

        • So... NetWare v3.12?
        • Ford owns the entire 19 class a

    • No, the Pentagon is executing a DDoS attack on itself!

      the Global Resource Systems announcements directed a fire hose of Internet traffic toward the Defense Department addresses...

  • by schwit1 ( 797399 ) on Saturday April 24, 2021 @09:00PM (#61310466)

    ... they can't give some of those /8 & /16 back?

    • Back in 2015, there were proposals to sell most of the unused spectrum. The proposal was stripped from the legislation. It could have raised several billion dollars, but Congress is famous for supporting government waste.

    • by Luthair ( 847766 )
      Technically they don't actually own them. https://en.wikipedia.org/wiki/... [wikipedia.org]
    • by Tom ( 822 )

      They could - but why would they? It's not like they need money and they can always be useful. More importantly: They're a scarce resource, so once you gave them back, you won't get them again.

  • by slashmaddy ( 964291 ) on Saturday April 24, 2021 @09:13PM (#61310482)

    Just the first few nodes of Skynet coming online for beta testing.

    • Nah, they were BGP hijacked by China Telecom. Who knows why....

      • Yea, that's more along the lines of what I was thinking; What makes everyone so sure the people actually in charge of these IP addresses even know this is happening?

        • What makes everyone so sure the people actually in charge of these IP addresses even know this is happening?

          They read the summary...

          Brett Goldstein, the DDS's director, said in a statement that his unit had authorized a "pilot effort" publicizing the IP space owned by the Pentagon. "This pilot will assess, evaluate and prevent unauthorized use of DoD IP address space," Goldstein said. "Additionally, this pilot may identify potential vulnerabilities...."

    • by fermion ( 181285 )
      This is potentially no joke. The company, which shares the same name with a company that was listed at the same coworker space that is company uses as its address, was a spam factory

      The current owner, which does have some contracts with the government, only lists his other address as box at a UPS store.

      The company has no public facing website. There is no mention that these contracts went up for bid. In fact there is seems to be no documentation on any formalities or protection for the country concernin

  • So... (Score:5, Insightful)

    by msauve ( 701917 ) on Saturday April 24, 2021 @09:53PM (#61310528)
    the DoD just created the world's largest honeypot.
    • by Anonymous Coward

      the DoD just created the world's largest honeypot.

      Exactly. And since certain countries of interest have providers well known to use some of those DoD IPv4 addresses for internal use, the data may provide some insights (at least for a while).

    • Not much of a honeypot if all you get is random ingress traffic attempting to connect to a port on what used to be a squatter device on a previously unclaimed DoD address.
  • The war machine springs to life
    Opens up one eager eye
    Focusing it on the sky
    Where 99 red balloons go by

  • drop a few more /8 and treat the u.s. military terrorists the same as china & russia. a whitelist is shorter and easier on the firewall cpu than a drop/block list.
  • Some background here - https://ipv4.global/u-s-depart... [ipv4.global]

    (1) IN GENERAL.—Not later than 10 years after the date of the enactment of this Act, the Secretary of Defense shall sell all of the IPv4 addresses described in subsection (b) at fair market value. The net proceeds collected from a sale under this section shall be deposited in the General Fund of the Treasury.
    (2) DEADLINES FOR CERTAIN BLOCKS.—Of the IPv4 addresses described in subsection (b), the Secretary of Defense shall sell in accordance

  • by enriquevagu ( 1026480 ) on Sunday April 25, 2021 @04:47AM (#61311172)

    The Pentagon may be studying how to avoid having its addresses hijacked, as occurred to YouTube in 2008 [ripe.net] when Pakistan Telecom started advertising their addresses.

  • I think it is entirely reasonable to have the IG validate these claims. Given when they started, I am still concerned that someone it trying to profit off of these addresses.
  • Comment removed based on user account deletion

Over the shoulder supervision is more a need of the manager than the programming task.

Working...