Your internal network is only as protected as the device you use to protect it, in your case an NT firewall. If someone compromises your firewall then your network is defensless. If you have Static NAT then those hosts set up for Internet access are susceptible. If you allow only outbound traffic then any machine that access the Internet directly is susceptible to spoof attacks.
It really depends on what services your company needs and provides. If you do not need to provide any services and only need Web access(HTTP) then it is fairly simple to reasonably protect your network. Private address space, however, does very little to protect your network in itself. It is the other components of your network that provide the security combined with a sound security policy.
-----Original Message-----
From: Gerrish, Robert [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 08, 2000 11:23 AM
To: [EMAIL PROTECTED]
Subject: Private Address Space and network scans
Our System Admins in Ohio seem to think that as we are set
up internally on private address space that we are immune to
network scans and have no vulnerabilities. I think they have
overlooked a few factors.
They are running some type of firewall on NT 4.x.
I would like to pass along comments from the greater
security community. As I work for them, I couldn't
possibly know anything.
Thanks,
Bob Gerrish
Unix Systems Administrator
Trim Systems, LLC
Seattle, WA
206.762.1410 ext482
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
***********************************************************************
Gruntal & Co., L.L.C.'s e-mail system is for business purposes only.
Messages are not confidential. All e-mail may be reviewed by
authorized supervisors, compliance or internal audit personnel.
E-mail will be archived for at least three years and may be produced
to regulatory agencies or others with a legal right to access such
information. Gruntal will not accept trade order instructions via
e-mail. Please telephone your Account Executive to place trade orders.
Gruntal & Co., L.L.C.
***********************************************************************
