Home page logo

basics logo Security Basics mailing list archives

Re: Company Firewall's IP Address
From: "Frederick Garbrecht" <fgarbrecht () ecogchair org>
Date: Sat, 16 Nov 2002 23:42:03 -0500

The packets have the firewall's external interface ip as their destination
ip field; the firewall handles the address translation back to the internal
host.  When you initiate an outbound connection from an internal host, the
firewall substitutes the 'hide-NAT' address (the firewall's external
interface address) for your host's non-routable address in the source ip
field of the ip packet, and the firewall stores the source port 'p' (>1024).
If the firewall subsequently receives an inbound packet at its external
interface with a destination port 'p', it associates that port number with
your host's non-routable internal address and routes the packet accordingly.
(At least this is how Checkpoint does it).
----- Original Message -----
From: "Bill Hamel" <billh () bugs hamel net>
To: "Meritt James" <meritt_james () bah com>
Cc: <Leonard.Ong () nokia com>; <shuffle3 () insightbb com>;
<tonytorri () yahoo com>; <security-basics () securityfocus com>;
<cisaca-l () purdue edu>
Sent: Friday, November 15, 2002 10:42 PM
Subject: Re: Company Firewall's IP Address

Then routing wise, how do the packets find their way back to the firewall
if they don't know the source IP ? ?

On Fri, 15 Nov 2002, Meritt James wrote:

Such is not the case.  I've done otherwise.

Bill Hamel wrote:

Unless I am missing something in the question, no matter what you do,
what/whoever you connect to through a firewall will always know the IP
address of the the trusted interface of the firewall.


On Wed, 13 Nov 2002, Meritt James wrote:

"an" IP Address - not necessarily the originating individual.  There
a LOT of ways around that.


Leonard.Ong () nokia com wrote:

There is nothing new about finding your IP Address and display it
on the web page.

James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566

James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]