
I wrote:
On Oct 20, 2009, at 6:09 AM, Michael Reynolds wrote:
This only works if you have enough of the hostmask to begin with. For example, network-deadbeef.hsd1.mi.comcast.net covers over 1 million IPs scattered in an accumulative block of tens of millions. The client would know something's up long before you even got the right /16.
As mentioned above, there are already ways of narrowing it ahead of time. For popular regions, it's also easy to find enough online clients to distribute a mapping attack up to the last component.
Sorry, wrong context/response pair. I meant to say that you're right for that particular example of a masked hostname, but it doesn't apply across the board to all other hostnames or situations where an IP-hostname lookup fails. Providing effective masking for only a lucky few isn't really a selling point.
Your example does emphasize the ever-present issue with hierarchy, though; IP addresses just don't express that region.

-- Quension