Tuesday 6 April 2010

P.R.A.N.K

"Loopback" IP addresses:

127.0.0.0 - 127.255.255.255

Each computer on the Internet uses 127.0.0.0/8 to identify itself, to itself. 127.0.0.0 to 127.255.255.255 is earmarked for what is called "loopback". This construct allows a computer to establish/validate its IP stack. Most software only uses 127.0.0.1 for loopback purposes (the other addresses in this range are seldom used). All of the addresses within the loopback address are treated with the same levels of restriction in Internet routing, so it is difficult to use any other addresses within this block for anything other than node specific applications, generally bootstraping. This is documented in RFC 5735.

A loopback interface has several uses. It may be used by network client software on a computer to communicate with server software on the same computer, viz., on a computer running a web server, pointing a web browser to the URLs http://127.0.0.1/ or http://localhost/ will access that computer's own web site. This works without any actual network connection–so it is useful for testing services without exposing them to security risks from remote network access. Likewise, pinging the loopback interface is a basic test of the functionality of the IP stack in the operating system.

Packets sent in an IP network with a source address belonging to the loopback interface can cause a number of problems for older or buggy network software. Such packets are known as "martian packets" [1]. The Internet Protocol specification dictates that such packets must not be transmitted outside of a host, and must be dropped if received on a network interface (cf. RFC 1700, RFC 2893).

One notable exception to the use of the loopback network addresses (127/8) is their use in Multiprotocol Label Switching (MPLS) traceroute error detection techniques (RFC 4379) in which their property of not being routable provides a convenient means to avoid delivery of faulty packets to end users.

Loopback addresses are the subject of a reasonably common Internet prank: directing an inexperienced user to connect to (or attack) his own loopback interface as if it were a remote server[2].

127.0.0.0/8 - This block is assigned for use as the Internet host
loopback address. A datagram sent by a higher-level protocol to an
address anywhere within this block loops back inside the host. This
is ordinarily implemented using only 127.0.0.1/32 for loopback. As
described in [RFC1122], Section 3.2.1.3, addresses within the entire
127.0.0.0/8 block do not legitimately appear on any network anywhere.

No comments: