• TechLich@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      It’s not that it’s on the 172.16.0.0/12 range. That’s totally normal and used for all kinds of stuff.

      It’s that it’s in 172.16.42.0/24 which is the default dhcp settings for a wifi pineapple. It’s the /24 mask given on the .42 that’s a little suspicious because that’s not a common range for anything else.

      Being assigned one of those specific 253 hosts with that subnet mask would definitely make me think twice.

      • BigDanishGuy@sh.itjust.works
        link
        fedilink
        arrow-up
        0
        ·
        4 months ago

        It’s the /24 mask given on the .42 that’s a little suspicious because that’s not a common range for anything else.

        Well now I know. I operate a ton of /24 subnets in the 172.16.0.0/12 scope. Technically I could fit them in the 192.168.0.0/16 scope, but I have lots of students connecting SoHo wifi-routers to the subnets, and this way it’s pretty easy to tell, if someone put the WAN cable in a LAN port when people are getting 192.168.1.0/24 DHCP offers.

        • u/lukmly013 💾 (lemmy.sdf.org)@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          0
          ·
          4 months ago

          but I have lots of students connecting SoHo wifi-routers to the subnets, and this way it’s pretty easy to tell, if someone put the WAN cable in a LAN port when people are getting 192.168.1.0/24 DHCP offers.

          I use 172.31.254.0/23 on my WiFi router. I guess I’d confuse you. /23 to just separate it nicely into 2 /24 blocks.
          172.31.254.0/24 range is for manual assignments and 172.31.255.0/24 range is given out by DHCP.
          I do not need that many IPs, it’s just for convenience.

          I chose this range because of my school as it uses 192.168.0.0/16 range.
          To help mitigate my possible mistakes when connecting to school network, I set the DHCP lease time to just 5 minutes.

          • Trainguyrom@reddthat.com
            link
            fedilink
            English
            arrow-up
            0
            ·
            edit-2
            4 months ago

            172.31.254.0/24 range is for manual assignments and 172.31.255.0/24 range is given out by DHCP. I do not need that many IPs, it’s just for convenience.

            I do similar for my home network, mostly for a combination of future proofing and ease of use.

            Realistically it would probably make more sense to segment it with more networks, but I’m only going to go so far with complexity for my home production

      • Praise Idleness@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        0
        ·
        4 months ago

        It’s just one of many private ranges. Saying it’s dangerous is like saying every websites using .xyz domain is dangerous(which makes little more sense than this, btw)

        • FutileRecipe@lemmy.world
          link
          fedilink
          arrow-up
          0
          ·
          edit-2
          4 months ago

          It’s just one of many private ranges.

          Sure, it’s one of many, but how often do you see that specific (42) block used? I honestly don’t think I ever have, outside of a pentest lab. The 172.16.42.0/24 (not just any 172.16 like you’re saying) block is the default for a WiFi Pineapple. Any other range is usually ok, but the 42 on a /24 granting WAN access specifically would make me (and most people who actually know what a WiFi Pineapple is) avoid that network.

          Saying 172.16.0.0/12 is usually for pentesting scummy thing is very misleading…Saying it’s dangerous is like saying every websites using .xyz domain is dangerous(which makes little more sense than this, btw)

          You clearly don’t know what a WiFi Pineapple is, because we’re zeroing in on the 42 and you liken it to the entire 172.16 block. And linking every .xyz domain to a specific block (42) that is used by default for a pentest device is even more misleading.

        • FutileRecipe@lemmy.world
          link
          fedilink
          arrow-up
          0
          ·
          4 months ago

          There’s nothing at all suspicious about the 172.16.0.0/12 address block.

          Correct. However the 172.16.42.0/24 block is the default for a WiFi Pineapple. Any other range is usually ok, but the 42 on a /24 specifically would make me (and most people who actually know what a WiFi Pineapple is) avoid that network.

  • ᕙ(⇀‸↼‶)ᕗ@lemm.ee
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    neither is that range pineapple exclusive nor should ppl use public wifi without a proper vpn.

    so the meme makes no sense. if you recognize the pineapple default range but yet dont use a vpn…then you re a dumbass.

  • sh__@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    Does that anime still hold up today? I’ve thought of watching it at times.

  • aldalire@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    4 months ago

    A lot of the comments here are saying that a pineapple can configure their subnet to use 10.x.x.x or 192.168.x.x. Is there any other way to determine if an access point is compromised?

  • mlg@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    4 months ago

    *connects to pineapple

    *sets subnet to 10.0.0.0/16 so I don’t have to type a yee yee ass class B/C address everytime I wanna do something with an address

    Or

    *connects to pineapple

    *Sets subnet to same as target network so paranoid user doesn’t realize he connected to evil twin

    • Natanael@slrpnk.net
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      Always do transparent tunneling with selective MITM, lol

      (not gonna help script kiddies any more than this either, lol)

    • Trainguyrom@reddthat.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      4 months ago

      sets subnet to 10.0.0.0/16 so I don’t have to type a yee yee ass class B/C address everytime I wanna do something with an address

      Personally I find 172.16.0.0/12 addresses are easier for me to quickly type accurately than any other private range. 192.168.0.0/16 is just too many similar-but-different digits, and 10.0.0.0/8 is too many similar/the same digits before I get to the digits I actually care about, so both are more error prone for me

  • RoyaltyInTraining@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    This is why I force my browser to warn me when SSL isn’t available. Makes me at least a little safer when I have to use public wifi

  • MystikIncarnate@lemmy.ca
    link
    fedilink
    English
    arrow-up
    0
    ·
    4 months ago

    The only part of this I didn’t immediately realize is the wifi pineapples default IP range.

    From now on, I’m going to set that as my clients default public IP range to troll anyone who knows.