RE: Company Firewall's IP Address

Thu, 14 Nov 2002 17:58:11 -0800 

Tony -

First it is possible however you must think in a different light.. the fact
that the site did not reveal your IP address means the security that you
have in place is working.. in light of that here is another angle to look
at..

your curiosity has revealed the following information...

1 your using a checkpoint firewall
2 your using nat
3 your firewall admin doesn't believe that it is possible to retrieve that
ip address, which you have demonstrated as possible.

so which revealed more information about your companies security
infrastructure?  your ip on a popup add which is common place in most Spam
sites which is nothing more then a java script. Or broadcasting your
security architecture to a list of thousands of users? I'm not trying to
give you a hard time just trying to point out that that applet didn't know
that was your firewalls ip address, it thought it was yours.

Regards,

Bill

-----Original Message-----
From: tony tony [mailto:tonytorri@;yahoo.com]
Sent: Tuesday, November 12, 2002 4:09 PM
To: [EMAIL PROTECTED]; Cisaca
Subject: Company Firewall's IP Address


I was doing security research on the internet at work yesterday....when all
of
a sudden I got a pop up advertisement that stated that I was broadcasting my
IP
address to the entire internet.  It then showed a screen with my IP address
which was the the external IP interface of one of our companies firewalls.

It just bothers me that someone would be able to determine the IP address of
our firewall that easily.  It seems to me that our firewall should operate
in a
more stealth mode.  Our firewall administrator said it is not technically
possible to do this.  What is your take?I am not a checkpoint firewall
guruso
I do not know.   All I know is that if I was a hacker, I would love to
hammer
away on an ip address that represented a firewall.

Click on the following to learn more about this pop up site.

http://www.bonzi.com/internetalert/ia99m.asp


__________________________________________________
Do you Yahoo!?
U2 on LAUNCH - Exclusive greatest hits videos
http://launch.yahoo.com/u2

Reply via email to