Ya know, if I didn't know any better I would think this thread is going in
the direction of confusing the 'basic-security' reader.
A. At the routing level packets will ALWAYS go to the next-hop which may
not be the final source or destination, so the first part of your
statement makes some
: Eric Schroeder [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, 19 November 2002 6:01 AM
To: Bill Hamel
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; Meritt James;
[EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Subject: Re: Company Firewall's IP Address
You just have to configure ARP properly
Hi,
On Sat, 16 Nov 2002, Frederick Garbrecht wrote:
[ explanation about NAT cut away (and rearranged message a bit) ]
There is nothing new about finding your IP Address and display it on
the web page.
an IP Address - not necessarily the originating individual. There are
a LOT of ways
PROTECTED]
11/14/2002 11:53 PM
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject:RE: Company Firewall's IP Address
Hi,
As my previous email, there is no way you can 'hide' the firewall external
interface IP
: [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED],
[EMAIL PROTECTED], [EMAIL PROTECTED]
Subject:Re: Company Firewall's IP Address
Then routing wise, how do the packets find their way back to the firewall
if they don't know the source IP ? ?
On Fri, 15 Nov 2002
Firewall's IP Address
Then routing wise, how do the packets find their way back to the firewall
if they don't know the source IP ? ?
On Fri, 15 Nov 2002, Meritt James wrote:
Such is not the case. I've done otherwise.
Bill Hamel wrote:
Unless I am missing something in the question, no matter
];
[EMAIL PROTECTED]
Sent: Friday, November 15, 2002 10:42 PM
Subject: Re: Company Firewall's IP Address
Then routing wise, how do the packets find their way back to the firewall
if they don't know the source IP ? ?
On Fri, 15 Nov 2002, Meritt James wrote:
Such is not the case. I've done
From: Vince Hillier [mailto:[EMAIL PROTECTED]]
|From: tony tony [mailto:[EMAIL PROTECTED]]
|Sent: Tuesday, November 12, 2002 2:09 PM
|To: [EMAIL PROTECTED]; Cisaca
|Subject: Company Firewall's IP Address
|
|I was doing security research on the internet at work
yesterdaywhen all
|of
]
Sent: 13 Nov 2002 21:40:17 +
Subject: Re: Company Firewall's IP Address
On Tue, 2002-11-12 at 22:09, tony tony wrote:
I was doing security research on the internet at work yesterdaywhen
all of
a sudden I got a pop up advertisement that stated that I was broadcasting
my IP
address
Proxy. Spoofing.
Bill Hamel wrote:
Unless I am missing something in the question, no matter what you do,
what/whoever you connect to through a firewall will always know the IP
address of the the trusted interface of the firewall.
-bh
On Wed, 13 Nov 2002, Meritt James wrote:
an IP
Hi,
NAT does not reveal internal address space to external sources.
The NAT device creates an Address Translation Table where it keeps track
of each connection using source ports that 'it' assigns, and not internal
ip addresses.
Basically the table looks something like this:
Source Device
Hi,
As my previous email, there is no way you can 'hide' the firewall external interface
IP Address. It is generally an acceptable practice with a good comfort level to have
this in real world. There are something you can do :
1) Obscure the DNS name for firewall e.g. don't assign a DNS
Such is not the case. I've done otherwise.
Bill Hamel wrote:
Unless I am missing something in the question, no matter what you do,
what/whoever you connect to through a firewall will always know the IP
address of the the trusted interface of the firewall.
-bh
On Wed, 13 Nov 2002,
The IP address that the destination replies to does not have to be where
the human sits. Consider that the originator's IP is not passed in the
example stated but the business firewall's is. That does not have to be
the only 'via' which alters the IP address. I know quite well that
breadcrumbs
Then routing wise, how do the packets find their way back to the firewall
if they don't know the source IP ? ?
On Fri, 15 Nov 2002, Meritt James wrote:
Such is not the case. I've done otherwise.
Bill Hamel wrote:
Unless I am missing something in the question, no matter what you do,
Yes, that is obvious due to NAT. Perhaps you got out of sync with the
thread, then again maybe it was me which is more than likely the case ;)
-b
On Fri, 15 Nov 2002, Meritt James wrote:
The IP address that the destination replies to does not have to be where
the human sits. Consider that
Tony,
It is certainly possible to capture the IP address of the external interface
of the firewall. Something as simple as a tracert could identify this on an
open session. It would certainly be improbable that one could capture the IP
address of anything within your internal network space unless
tony
|Cc: [EMAIL PROTECTED]; Cisaca
|Subject: Re: Company Firewall's IP Address
|
|Tony,
|Yes, that is a lousy advertisement designed to panic people into
|stampeding to their site. I got the same message on my home PC. The sad
|fact is that I agree with your IT manager. If you're going to do any
Hi Ed,
I believe in the original post, the poster was concerned that the IP
address of their firewall showed up in a pop-up using a browser, and how
to keep that from happening. This would suggest outbound port 80 activity,
maybe SSL. I am assuming this is the external address of the firewall.
On Tue, 12 Nov 2002, tony tony wrote:
I was doing security research on the internet at work yesterdaywhen all of
a sudden I got a pop up advertisement that stated that I was broadcasting my IP
address to the entire internet. It then showed a screen with my IP address
which was the the
Your admin is right. In order for you to be able to pull data from the
Internet, or any other system connected via a network, you have to give the
destination system an address to reply to, hence your IP address. Knowing
the IP address of your firewall is not a major issue, not if your firewall
Most people configure their firewalls to hide all of the addresses behind
the firewall using the firewalls ip address. This does pose certain
security concerns as far as information gathering goes. But there are
other ways to determine firewall IP addresses. But there are ways to
overcome
On Tue, 2002-11-12 at 22:09, tony tony wrote:
I was doing security research on the internet at work yesterdaywhen all of
a sudden I got a pop up advertisement that stated that I was broadcasting my IP
address to the entire internet. It then showed a screen with my IP address
which was the
tony tony said:
This is quite easy to do, and in no way is a vulnerability in your firewall.
Bonzi does this to attempt to generate sales, using an environmental
variable of the web server (which in this case, is your IP address) and
implants that in a dynamically generated script which shows
Hi,
Proxy / Spoof what ? Unless the destination
knows the source IP, there is no return path.
Remember packets don't leave a trail of bread crumbs so that they can
find their way back ;)
-b
On Thu, 14 Nov 2002, Meritt James wrote:
Proxy. Spoofing.
Bill Hamel wrote:
Unless I am
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Comments below...
Vince Hillier
[EMAIL PROTECTED]
http://plutonium.homeunix.com
|-Original Message-
|From: tony tony [mailto:tonytorri;yahoo.com]
|Sent: Tuesday, November 12, 2002 2:09 PM
|To: [EMAIL PROTECTED]; Cisaca
|Subject: Company
I think your admin knows more about this than you do and you should listen
to him. In order to be connected to the internet, you need an IP address,
it's that simple. Any half decent firewall has the ability to block certains
types of incoming requests including any hammering people can throw at
On Tue, 12 Nov 2002, tony tony wrote:
I was doing security research on the internet at work yesterdaywhen all of
a sudden I got a pop up advertisement that stated that I was broadcasting my IP
address to the entire internet. It then showed a screen with my IP address
which was the the
I was doing security research on the internet at work yesterday
It then showed a screen with my IP address
which was the the external IP interface of one of our companies firewalls.
if this firewall is used to route from your lan--internet then it is
logical that its adress could be
an IP Address - not necessarily the originating individual. There are
a LOT of ways around that.
Jim
[EMAIL PROTECTED] wrote:
There is nothing new about finding your IP Address and display it on the web page.
--
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566
Tony,
Yes, that is a lousy advertisement designed to panic people into
stampeding to their site. I got the same message on my home PC. The sad
fact is that I agree with your IT manager. If you're going to do any
communication with the world, you have to have someplace for the world
to send
Email. [EMAIL PROTECTED]
Mobile. +65 9431 6184
Phone. +65 6723 1724
Fax.+65 6723 1596
-Original Message-
From: ext Edward N Schofield [mailto:shuffle3;insightbb.com]
Sent: Wednesday, November 13, 2002 8:47 AM
To: tony tony
Cc: [EMAIL PROTECTED]; Cisaca
Subject: Re: Company Firewall's
32 matches
Mail list logo
