• TechLich@lemmy.world
      1·
      4 months ago

      It’s not that it’s on the 172.16.0.0/12 range. That’s totally normal and used for all kinds of stuff.

      It’s that it’s in 172.16.42.0/24 which is the default dhcp settings for a wifi pineapple. It’s the /24 mask given on the .42 that’s a little suspicious because that’s not a common range for anything else.

      Being assigned one of those specific 253 hosts with that subnet mask would definitely make me think twice.

        • FutileRecipe@lemmy.world
          0·
          4 months ago

          It’s just one of many private ranges.

          Sure, it’s one of many, but how often do you see that specific (42) block used? I honestly don’t think I ever have, outside of a pentest lab. The 172.16.42.0/24 (not just any 172.16 like you’re saying) block is the default for a WiFi Pineapple. Any other range is usually ok, but the 42 on a /24 granting WAN access specifically would make me (and most people who actually know what a WiFi Pineapple is) avoid that network.

          Saying 172.16.0.0/12 is usually for pentesting scummy thing is very misleading…Saying it’s dangerous is like saying every websites using .xyz domain is dangerous(which makes little more sense than this, btw)

          You clearly don’t know what a WiFi Pineapple is, because we’re zeroing in on the 42 and you liken it to the entire 172.16 block. And linking every .xyz domain to a specific block (42) that is used by default for a pentest device is even more misleading.

  • ramble81@lemm.ee
    1·
    4 months ago

    So I guess I must be a leet haxor because of all the businesses I configured for the 172.x space because 192.168.x space was too small and 10.x space was way the hell too big.

    • calcopiritus@lemmy.world
      0·
      4 months ago

      HTTPS solved much of the security issues of untrusted networks. As long as you’re not doing banking or whatever, you should be fine without a VPN.

      • WIPocket@lemmy.world
        1·
        4 months ago

        Why would banking be an issue? I get that its a target, but I really would expect a bank to take care of their TLS.

      • Cornelius_Wangenheim@lemmy.world
        0·
        4 months ago

        It should be fine as long you don’t click through any SSL errors. And something like a bank should have HSTS enabled, meaning your browser will refuse to load the site if there’s an SSL error.

        • calcopiritus@lemmy.world
          1·
          4 months ago

          They don’t let me choose a password longer than 6 characters. I don’t assume anything about my bank’s security.

  • MystikIncarnate@lemmy.caEnglish
    1·
    4 months ago

    The only part of this I didn’t immediately realize is the wifi pineapples default IP range.

    From now on, I’m going to set that as my clients default public IP range to troll anyone who knows.

  • burgermeister@lemm.eeEnglish
    1·
    4 months ago

    A pineapple can have any subnet it wants. Also I have multiple subnets that start 172.16.xx.xx