>> In any event, personally, I dont see a need for this type of >> scrubbing. IMO it only hinders troubleshooting. > >And provides a false sense of security... > >Security through obscurity just doesn't work.
Obviously, hiding an internal IP isn't security, but broadcasting it *IS* insecure. Think of it like sticking a map on your front door with a big red arrow that says "Our safe is here." If you have to broadcast this information, then you should at least misdirect trespassers so they waste their time on a fool's errand, thus allowing you more time to detect/stop them with your REAL security. And it shouldn't hinder troubleshooting. Even if you have multiple mail servers, clusters, proxies, forwarders, etc., you can at least obfuscate the internal IPs with a 1-to-1 mapping to a bogus network. Regardless, IP scrubbing doesn't seem favorable. And frankly I'd rather stop broadcasting internal IPs at the source instead of scrubbing post hoc. If anyone remembers the message Micheal mentioned about how to do this in Exchange or knows a link describing how, let me know. Thanks! --Bennett ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
