-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Comments below...

Vince Hillier
[EMAIL PROTECTED]
http://plutonium.homeunix.com


|-----Original Message-----
|From: tony tony [mailto:tonytorri@;yahoo.com]
|Sent: Tuesday, November 12, 2002 2:09 PM
|To: [EMAIL PROTECTED]; Cisaca
|Subject: Company Firewall's IP Address
|
|I was doing security research on the internet at work yesterday....when all of
|a sudden I got a pop up advertisement that stated that I was broadcasting my IP
|address to the entire internet.  It then showed a screen with my IP address
|which was the external IP interface of one of our company's firewalls.

So I assume you route through the firewall machine.

|It just bothers me that someone would be able to determine the IP address of
|our firewall that easily.  It seems to me that our firewall should operate in a
|more stealth mode.

Why does it bother you?  You can connect to their server, but they cannot identify 
you? Hmm... that would probably bother them, especially if you were up to no good.

|Our firewall administrator said it is not technically
|possible to do this.  

Is he/she for real?  Of course it is technically possible to identify machine IPs if
they are connecting to your webserver. I really hope he/she means it is not possible
to determine the internal IP that the request originated from; if not, then you need a
new firewall administrator.

|What is your take? I am not a Checkpoint firewall guru, so I do not know.
|All I know is that if I was a hacker, I would love to hammer
|away on an IP address that represented a firewall.

That's probably the stupidest thing you could do, unless you want to get caught, of
course.  Firewalls are generally monitored, unless your firewall administrator thinks
it's impossible for someone to determine the IP of the machine, then you're, well,
hopeless.

|Click on the following to learn more about this pop up site.
|
|http://www.bonzi.com/internetalert/ia99m.asp

In closing, that site simply returned the $REMOTE_ADDR (address that requested the
document on their site).  There is nothing fishy about this; every site you visit can
tell you that IP so long as you route through it.  Seriously, if your fw techie thinks
it's impossible to get the IP of that machine, your company should immediately
reconsider his/her qualifications, and perhaps put him/her in, oh say... a data entry
position.


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0 (Build 349) Beta

iQA/AwUBPdLvW0BtW3tWqkVxEQJ5JACg2UJqwSadmvY8uammnTAfVHwVgZ4An3J1
DE/XzW8PwExVUsCp+Xg7pjhC
=KjxE
-----END PGP SIGNATURE-----
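
What a "your IP is exposed" page amounts to on the server side, as an added example (not part of the original message and not the code of the site it discusses): a small Python WSGI app that echoes REMOTE_ADDR, which the server fills in from the TCP connection's peer address rather than from anything the browser sends. The function names, the loopback addresses and the use of 127.0.0.2 as a stand-in for a rewritten source address are assumptions made for the demo.

```python
import http.client
import threading
from wsgiref.simple_server import make_server, WSGIRequestHandler


class QuietHandler(WSGIRequestHandler):
    def log_message(self, *args):  # suppress per-request logging in the demo
        pass


def whats_my_ip(environ, start_response):
    """Return the peer address of the TCP connection as plain text."""
    # REMOTE_ADDR comes from the accepted socket, not from a request header.
    # For a client behind a NAT firewall it is the firewall's external
    # interface; the internal address is not part of the connection.
    body = environ["REMOTE_ADDR"].encode()
    start_response("200 OK", [("Content-Type", "text/plain"),
                              ("Content-Length", str(len(body)))])
    return [body]


def start_echo_server():
    """Start the app on an ephemeral loopback port; return (server, port)."""
    server = make_server("127.0.0.1", 0, whats_my_ip,
                         handler_class=QuietHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_port


def ask_my_ip(port, source_ip="127.0.0.1"):
    """Connect from source_ip and return the address the server reports."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5,
                                      source_address=(source_ip, 0))
    try:
        conn.request("GET", "/")
        return conn.getresponse().read().decode()
    finally:
        conn.close()


if __name__ == "__main__":
    server, port = start_echo_server()
    print("server sees:", ask_my_ip(port))
    try:
        # On Linux all of 127.0.0.0/8 is local, so a second source address
        # stands in for the same client after its source was rewritten.
        print("server sees:", ask_my_ip(port, "127.0.0.2"))
    except OSError as exc:
        print("127.0.0.2 not usable on this host:", exc)
    server.shutdown()
```

The server reports whatever source address the connection arrived with, which is why the pop-up showed the firewall's external interface and not the workstation's internal address.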

