CSI: Cyber

Matt reviewed CSI: Cyber some weeks ago… today I was channel surfing and came across this weeks episode…
I decided to watch it, just for kicks.

Hmmm… they found a suspect at the IP Address of “957.x.y.z”… in of all things from the header of a commercial email… which… no email these days includes the originating IP addresses anymore… nor is any digit of an IP address larger then 255….Um…

So, I won’t be watching this again.

But, I will say this… if non-IT security people watch it and start becoming more aware (or scared) of cyber-security issues… I don’t think I can complain about that…

2 thoughts on “CSI: Cyber

  1. Flavius Renatus

    I have a feeling the bogus IP address was well intended – more than likely it was used to avoid some fool initiating a DDoS attack on the address just to see what happens. That is why phone numbers given out on movies or TV are always of the 555-xxx-xxxx variety because early in the history of television they actually put out real phone numbers and some innocent souls paid the price… nowadays the 555-0100 through 555-0199 numbers are specifically reserved for fictional use

    Reply
    1. ejohnfelt Post author

      Maybe, but if that were the case, they could also have provided one of 32M+ addresses that would be correct, but would not cause *any* such risks or harm, namely the IANA private address ranges (10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12 and the well known local loopback addresses, 127.0.0.0/8).

      Technically, the address they had given would not be in error if it were a IPv6 address. *but* IPv4 and IPv6 have different formats and the one in that episode was presented in the standard 4 dotted quad IPv4 format. Addresses, are really just big integers. For example, 0.0.0.1 and 1 are equivalent. Provided the integers are not larger then 32-bits for IPv4 and 128 bits for IPv6…. there are plenty of addresses to be used for fictional purposes.

      While I realize, it’s just fiction. Stories from a historical perspective, even when entertaining, have also been used to educate. IT is filled with enough false information that it doesn’t help the cause, it just continues to hurt it.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *