5
submitted 7 months ago* (last edited 7 months ago) by LunchEnjoyer@lemmy.world to c/privacy@lemmy.world

Recently discovered the following two addresses in my DNS-filter, 26.26.26.1 and 26.26.26.2. How can I confirm that these belong to? These are both public-ip addresses but seems to be owned by the US Military?

If I look at https://www.abuseipdb.com/check/26.26.26.2, it says it belongs to:

  • ISP: DoD Network Information Center
  • Type: Military
  • Country: US.

What does this mean? As far as I've researched, its got something to do with Socks protocol? This Github repo I found seems to be using it too, but why is it used? If anyone knows, id very much appreciate your help.

https://github.com/PeterCxy/SocksDroid/blob/master/app/src/main/groovy/net/typeblog/socks/SocksVpnService.groovy

you are viewing a single comment's thread
view the rest of the comments
[-] h3ndrik@feddit.de 3 points 7 months ago* (last edited 7 months ago)

You probably found that old reddit post talking about shadowsocks?? I think that's unlikely unless you keep that very old app version around. (But there could be other software you're playing around with?)

These are large address spaces reserved in the early days of the internet. I have no idea if the DoD even uses that one actively. Maybe somebody repurposed that network? Maybe you operate an authoritative DNS server? Or you just got scanned by some random crawler looking for compromised systems or vulnerable IoT devices...

I found this additional info: https://blog.erratasec.com/2013/12/dod-address-space-its-not-conspiracy.html

[-] LunchEnjoyer@lemmy.world 2 points 7 months ago

Indeed, found that blog too after I posted. Blog explains it pretty well

this post was submitted on 10 Apr 2024
5 points (85.7% liked)

Privacy

4027 readers
2 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 1 year ago
MODERATORS