Home page logo
/

basics logo Security Basics mailing list archives

RE: Company Firewall's IP Address
From: "Eric Schroeder" <ericschroeder () satel com>
Date: Mon, 18 Nov 2002 15:01:21 -0700

Leonard,

It is trivial to "hide" the IP address of the firewall by using a 
different IP address to NAT all of your internal machines behind.  If the 
firewall then responds to no network traffic directed directly at it, it 
is effectively "hidden".

IMHO,

Eric Schroeder
Satel Coporation





<Leonard.Ong () nokia com>
11/14/2002 11:53 PM

 
        To:     <bianco () jlab org>, <tonytorri () yahoo com>
        cc:     <security-basics () securityfocus com>, <cisaca-l () purdue edu>
        Subject:        RE: Company Firewall's IP Address


Hi,

As my previous email, there is no way you can 'hide' the firewall external 
interface IP Address.  It is generally an acceptable practice with a good 
comfort level to have this in real world.  There are something you can do 
:

1) Obscure the DNS name for firewall e.g. don't assign a DNS name like 
'Dallas-FW-Ver3.x'
2) Use stealth connection - Drop every connection attempt to your 
firewall, this supposed to make your firewall stealth.
3) Carefully check your security policy to make sure there is no gap / 
unintended holes.
4) Use AntiSpoofing.
etc.

Having said that, the social engineering, that exploit regular computer 
users' panic, that really matters in the advertisement.



Regards,
Leonard Ong, CISSP, CSS-1, CCSE, MCSE, 
             MCDBA, CCNP, CCDP, NSA, LCP
Network Security Specialist, APAC
NOKIA

Email.  Leonard.Ong () nokia com
Mobile. +65 9431 6184
Phone.  +65 6723 1724
Fax.    +65 6723 1596






  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]