cross-posted from: https://lemmy.world/post/14131393

Recently discovered the following two addresses in my DNS-filter, 26.26.26.1 and 26.26.26.2. How can I confirm that these belong to? These are both public-ip addresses but seems to be owned by the US Military?

If I look at https://www.abuseipdb.com/check/26.26.26.2, it says it belongs to:

  • ISP: DoD Network Information Center
  • Type: Military
  • Country: US.

What does this mean? As far as I’ve researched, its got something to do with Socks protocol? This Github repo I found seems to be using it too, but why is it used? If anyone knows, id very much appreciate your help.

https://github.com/PeterCxy/SocksDroid/blob/master/app/src/main/groovy/net/typeblog/socks/SocksVpnService.groovy

edit1: formatting

edit2: Found an additional GH Repo that use the same IP addresses for something called V2RayVPNService: https://github.com/2dust/v2rayNG/blob/master/V2rayNG/app/src/main/kotlin/com/v2ray/ang/service/V2RayVpnService.kt

edit3: This blogpost explains it quite well. https://blog.erratasec.com/2013/12/dod-address-space-its-not-conspiracy.html

The reason all these address spaces are DoD is because that’s really the only source of unused IPv4 addresses left. All IPv4 address ranges have been assigned. But, the DoD has been assigned 20% of the IPv4 address space, but most of it is used within the DoD, on their own private networks, and is not routable to the outside world. Thus, if you are looking for a large chunk of “private” addresses that won’t suddenly one day be assigned to Akamai or Amazon (and thus, explode in your face), then DoD addresses are the way to go.

  • crawancon@lemm.ee
    link
    fedilink
    arrow-up
    2
    ·
    7 months ago

    apps and things set their address space to use DOD ranges all the time. accidentally and on purpose. neither are 100% nefarious. 26’s were once used by shadowsocks.