Department of Defense?

I just received an eBay spoof email requesting I verify my user information by clicking on the link. Being the geek that I am, I proceed to view the email’s headers to see where it came from. I perform a whois lookup on the IP address:

OrgName: DoD Network Information Center
OrgID: DNIC
Address: 3990 E. Broad Street
City: Columbus
StateProv: OH
PostalCode: 43218
Country: US

NetRange: 33.0.0.0 – 33.255.255.255
CIDR: 33.0.0.0/8
NetName: NIPR-CONUS
NetHandle: NET-33-0-0-0-1
Parent:
NetType: Direct Allocation
NameServer: CON1R.NIPR.MIL
NameServer: CON2R.NIPR.MIL
NameServer: EUR1R.NIPR.MIL
NameServer: EUR2R.NIPR.MIL
NameServer: PAC1R.NIPR.MIL
NameServer: PAC2R.NIPR.MIL

So what does that mean, you ask? That means one of two options:

  • The US Department of Defense has a spammer working from within their network.
  • More likely, there’s a US Department of Defense workstation that has malware and/or viruses on it that’s allowing the real spammers access to their computer to exploit.

I’m not one to really get involved in bashing politics and the military, but it isn’t very comforting to know that the US Department of Defense cannot protect its network yet is charged with protecting the United States and everything for which we stand.
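The header-to-whois step described above, as an added example that is not part of the original post: it walks the Received chain and separates the address recorded by the recipient's own mail server from addresses that are only text supplied further down the chain, then checks each against the 33.0.0.0/8 range from the whois output. The sample message, all host names and addresses, and the trusted server name `mx.recipient.example` are constructed assumptions.

```python
import email
import ipaddress
import re

DOD_NET = ipaddress.ip_network("33.0.0.0/8")  # CIDR from the whois output above
IP_RE = re.compile(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]")
BY_RE = re.compile(r"\bby\s+(\S+)")

# Constructed sample, not the e-mail from the post; all hosts and addresses are made up.
RAW = """\
Received: from mail.example.net (mail.example.net [203.0.113.25])
\tby mx.recipient.example with ESMTP id abc123;
\tMon, 01 Jan 2007 10:00:02 -0500
Received: from unknown (HELO ebay.example) (33.1.2.3)
\tby mail.example.net with SMTP; Mon, 01 Jan 2007 10:00:00 -0500
From: "eBay" <aw-confirm@ebay.example>
Subject: Verify your account

Please verify your user information.
"""

def received_hops(raw, trusted_mta):
    """Return one dict per Received header, newest (top) first."""
    hops = []
    for value in email.message_from_string(raw).get_all("Received", []):
        ip_match, by_match = IP_RE.search(value), BY_RE.search(value)
        try:
            ip = ipaddress.ip_address(ip_match.group(1)) if ip_match else None
        except ValueError:  # e.g. 999.1.1.1 in a hand-written header
            ip = None
        by_host = by_match.group(1).rstrip(";") if by_match else None
        hops.append({
            "ip": str(ip) if ip is not None else None,
            "by": by_host,
            "trusted": by_host == trusted_mta,  # stamped by our own server
            "in_dod_range": ip is not None and ip in DOD_NET,
        })
    return hops

def verifiable_source(hops):
    """Peer IP from the lowest header in the unbroken top run of trusted hops."""
    src = None
    for h in hops:
        if not h["trusted"]:
            break  # everything from here down is sender-supplied text
        src = h["ip"]
    return src

if __name__ == "__main__":
    hops = received_hops(RAW, "mx.recipient.example")
    print(hops, "\nwhois this one:", verifiable_source(hops))
```

In the constructed message the 33.x address appears only in a header written before the mail reached the recipient's server, so the address worth a whois lookup is the one that server recorded for its direct peer.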

