Defanging IP Addresses 10[.]10.10.1

egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+Member Posts: 413 ■■■■□□□□□□
There's a co-worker of mine that's paranoid about defanging IP addresses.  That is, of course, writing them as 10[.]10.10.1 instead of 10.10.10.1 to prevent people from clicking on it in case the link is malicious.

Seriously, in my 20 years of IT I have never once seen an IP address that was clickable.  Can anybody explain to me what rationale this practice stems from, or if it is even correct.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+

Comments

  • E Double UE Double U Member Posts: 1,828 ■■■■■■■■■□
    Might as well take it a step further with ten-dot-ten-dot-ten-dot-one.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, and more.

    2021 goals: AZ-303, AZ-304, maybe TOGAF and more ISACA

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 413 ■■■■□□□□□□
    Might as well take it a step further with ten-dot-ten-dot-ten-dot-one.

    Very funny, lol
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • cyberguyprcyberguypr Senior Member Mod Posts: 6,915 Mod
    It's a known fact that the real pros go binary:  00001010.00001010.00001010.00001010  :D

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 12,034 Admin
    edited January 11
    When you say "paranoid about defanging", do you mean that your co-worker does or doesn't want the IP addresses to be sanitized?

    Sanitizing IP addresses, email addresses, domains, and URLs is a way to keep from triggering a false alert on security devices (IDS/IPS, WAF, EDR, etc.) that are parsing for active, malicious content in emails and documents. Sanitation also prevents some IM clients (e.g., Slack) from automatically making URLs, domains, telephone numbers, and IP and email addresses into clickable links.


  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 413 ■■■■□□□□□□
    Thanks for the insight @JDMurray .  I guess it's done across the board.  I had just been aware of this practice only with http links.

    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • TechGromitTechGromit GSEC, GCIH, GREM, Ontario, NY Member Posts: 2,017 ■■■■■■■■□□
    Not sure what inserting the [  ] is suppose to do. After all any link can be edited to go anywhere you want.  10[.]10.10.1




    Still searching for the corner in a round room.
Sign In or Register to comment.