How device misconfiguration drives TCP traffic to parts of 188.8.131.52/8 - an initial investigation
The Internet community is near the 'Bottom of the barrel' for unallocated IPv4 address prefixes. Network 184.108.40.206/8 was allocated in January 2010 for use on the public Internet, despite being unofficially utilised in various ways for many years. Recent work has revealed this prefix to be quite 'Dirty', with significant levels of public UDP and TCP traffic already inbound to certain parts of 220.127.116.11/8. By running a simplified honeypot on 18.104.22.168/24 and 22.214.171.124/24 for two days in March 2010 the authors have elicited new insights into the nature of the TCP traffic polluting these prefixes.