Home page logo
/

basics logo Security Basics mailing list archives

Re: Company Firewall's IP Address
From: "Ivan Coric" <ivan.coric () workcoverqld com au>
Date: Thu, 14 Nov 2002 09:21:57 +1000

Hey Tony, use a proxy and NAT the internal proxy ip address to a external route-able address which you own. That way 
only the the NAT-ed ip of the proxy is visible on the internet
e.g


internal LAN ---------> proxy---------------------------->FW--------------------------->internet
  10.0.0.0                  10.0.0.1                    10.0.0.2         172.22.1.1
                                 172.22.1.20             internal int        FW interface
                            NAT address of proxy

(no real address used to protect the innocent)

cheers


Ivan Coric
IT Security Officer
Information Technology
WorkCover Queensland
Ph: (07) 30066414 Fax: (07) 30066424
Email: ivan.coric () workcoverqld com au

tony tony <tonytorri () yahoo com> 11/13/02 08:09am >>>
I was doing security research on the internet at work yesterday....when all of
a sudden I got a pop up advertisement that stated that I was broadcasting my IP
address to the entire internet.  It then showed a screen with my IP address
which was the the external IP interface of one of our companies firewalls.
I
 t just bothers me that someone would be able to determine the IP address of
our firewall that easily.  It seems to me that our firewall should operate in a
more stealth mode.  Our firewall administrator said it is not technically
possible to do this.  What is your take?*I am not a checkpoint firewall guru*so
I do not know.   All I know is that if I was a hacker, I would love to hammer
away on an ip address that represented a firewall. 

Click on the following to learn more about this pop up site. 

http://www.bonzi.com/internetalert/ia99m.asp 


__________________________________________________
Do you Yahoo!?
U2 on LAUNCH - Exclusive greatest hits videos
http://launch.yahoo.com/u2



***************************************************************************
Messages included in this e-mail and any of its attachments are those
of the author unless specifically stated to represent WorkCover Queensland.
The contents of this message are to be used for the intended purpose only
and are to be kept confidential at all times. This message may contain
privileged information directed only to the intended addressee/s.
Accidental receipt of this information should be deleted promptly
and the sender notified.

This e-mail has been scanned by Sophos for known viruses.
However, no warranty nor liability is implied in this respect.
**********************************************************************


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]