slightly concerning, Meraki is in bed with the NSA/Homeland?
posted by Greg Whynott on March 27, 2017, 3:15 p.m. (1 day ago)
Thread Tags: discuss-at-studiosysadmins
While setting up RADIUS for the Meraki VPN device I saw this in all the authentication packets:

    Frame 16307: 126 bytes on wire (1008 bits), 126 bytes captured (1008 bits) on interface 0
    Ethernet II, Src: Dell_06:70:02 (14:18:77:06:71:a2), Dst: Vmware_87:fd:1e (00:50:56:87:3d:2e)
    Internet Protocol Version 4, Src: 10.101.111.4, Dst: 10.101.1.11
    User Datagram Protocol, Src Port: 55230, Dst Port: 1812
    RADIUS Protocol
        Code: Access-Request (1)
        Packet identifier: 0x5a (90)
        Length: 84
        Authenticator: f7cc2cdc86bxxxx
        [The response to this request is in frame 16308]
        Attribute Value Pairs
            AVP: l=6 t=Service-Type(6): Framed(2)
            AVP: l=6 t=Framed-Protocol(7): PPP(1)
            AVP: l=11 t=User-Name(1): g.whynott
            AVP: l=18 t=User-Password(2): Encrypted
            AVP: l=11 t=Calling-Station-Id(31): CLIENTVPN
            AVP: l=6 t=NAS-IP-Address(4): 6.78.217.8 <---------------------------------------- *gasp*
                AVP Type: 4
                AVP Length: 6
                NAS-IP-Address: 6.78.217.8 <--------------------------------
            AVP: l=6 t=NAS-Port(5): 1

That isn't my IP! Let's do a whois, thinking it would come from Meraki's cloud network...

    [root@irix ~]# whois !$
    whois 6.78.217.8
    __SNIP__
    NetRange: 6.0.0.0 - 6.255.255.255
    CIDR: 6.0.0.0/8
    NetName: CONUS-YPG-NET
    OrgName: Headquarters, USAISC
    OrgId: HEADQU-3
    Address: NETC-ANC CONUS TNOSC
    City: Fort Huachuca
    StateProv: AZ

What is Fort Huachuca? If you guessed the "United States Army network Enterprise tech command center", you would be correct!

WTF? Are they collecting account information from Meraki customers? Black ops! I hear helicopters, brb...

greg
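
Added example, not part of the original post: NAS-IP-Address (attribute type 4) is a field the RADIUS client writes into the request itself, separate from the IP source address the server sees, so a server-side check can parse the attributes and flag requests where the two differ. The packet below is constructed to match the fields in the capture above (the authenticator and password bytes are zero placeholders), and the function names are hypothetical.

```python
import ipaddress
import struct

NAS_IP_ADDRESS = 4  # RADIUS attribute type number (RFC 2865)

def parse_radius(packet: bytes):
    """Return (code, identifier, {attr_type: [raw values]}) for one packet."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if not 20 <= length <= len(packet):
        raise ValueError("bad Length field")
    avps, pos = {}, 20  # attributes start after code/id/length/authenticator
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated AVP header")
        a_type, a_len = packet[pos], packet[pos + 1]
        if a_len < 2 or pos + a_len > length:
            raise ValueError("bad AVP length")
        avps.setdefault(a_type, []).append(packet[pos + 2:pos + a_len])
        pos += a_len
    return code, ident, avps

def nas_ip_findings(packet: bytes, udp_src: str):
    """Compare the NAS-IP-Address attribute with the UDP source address."""
    _, _, avps = parse_radius(packet)
    findings = []
    for raw in avps.get(NAS_IP_ADDRESS, []):
        if len(raw) != 4:
            findings.append("malformed NAS-IP-Address")
        elif ipaddress.IPv4Address(raw) != ipaddress.IPv4Address(udp_src):
            findings.append(f"NAS-IP-Address {ipaddress.IPv4Address(raw)} "
                            f"!= UDP source {udp_src}")
    return findings

def avp(a_type: int, value: bytes) -> bytes:
    return bytes([a_type, len(value) + 2]) + value

def sample_packet() -> bytes:
    """Constructed Access-Request mirroring the AVPs shown in the capture."""
    body = (avp(6, struct.pack("!I", 2)) + avp(7, struct.pack("!I", 1))
            + avp(1, b"g.whynott") + avp(2, bytes(16))  # placeholder password
            + avp(31, b"CLIENTVPN")
            + avp(4, ipaddress.IPv4Address("6.78.217.8").packed)
            + avp(5, struct.pack("!I", 1)))
    header = struct.pack("!BBH", 1, 0x5A, 20 + len(body))
    return header + bytes(16) + body  # placeholder authenticator

if __name__ == "__main__":
    print(nas_ip_findings(sample_packet(), "10.101.111.4"))
```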