Security Basics mailing list archives
RE: Company Firewall's IP Address
From: "Vince Hillier" <vdh () plutonium homeunix com>
Date: Wed, 13 Nov 2002 23:20:35 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 My regrets on my message posted on this topic, I misread what you had said, the message is not currently on the list yet, but I go on to say your firewall admin is basically incompetent, but apparently, I am :) I thought you were saying that your fw admin claims there was no way for an external site to obtain the firewall IP. Sorry again, Vince Hillier vdh () plutonium homeunix com http://plutonium.homeunix.com |-----Original Message----- |From: Edward N Schofield [mailto:shuffle3 () insightbb com] |Sent: Tuesday, November 12, 2002 4:47 PM |To: tony tony |Cc: security-basics () securityfocus com; Cisaca |Subject: Re: Company Firewall's IP Address | |Tony, |Yes, that is a lousy advertisement designed to panic people into |stampeding to their site. I got the same message on my home PC. The sad |fact is that I agree with your IT manager. If you're going to do any |communication with the world, you have to have someplace for the world |to send messages to. There has to be an external IP address. What |Checkpoint does is screen what comes into your organization from your |external interface. You would have to look at your Checkpoint rule base |to determine the sites it is blocking, if any. Most organizations let |email come through the firewall to the corporate users and let them use |the delete button. There are some commercial services that you can |subscribe to in order to block categories of sites, but you pay good |bucks to them for taking your headaches. Yes, this is how worms like |Klez and viruses get around companies so quickly, but try to sell |executive management on restricting their email access. |My $.02 | |Ed Schofield | | |tony tony wrote: | |>I was doing security research on the internet at work yesterday....when |all of |>a sudden I got a pop up advertisement that stated that I was broadcasting |my IP |>address to the entire internet. It then showed a screen with my IP |address |>which was the the external IP interface of one of our companies firewalls. |> |>It just bothers me that someone would be able to determine the IP address |of |>our firewall that easily. It seems to me that our firewall should operate |in a |>more stealth mode. Our firewall administrator said it is not technically |>possible to do this. What is your take?.I am not a checkpoint firewall |guru.so |>I do not know. All I know is that if I was a hacker, I would love to |hammer |>away on an ip address that represented a firewall. |> |>Click on the following to learn more about this pop up site. |> |>http://www.bonzi.com/internetalert/ia99m.asp |> |> |>__________________________________________________ |>Do you Yahoo!? |>U2 on LAUNCH - Exclusive greatest hits videos |>http://launch.yahoo.com/u2 |> |> |> | | | -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 (Build 349) Beta iQA/AwUBPdNOwkBtW3tWqkVxEQJMVQCfZj8QrFLMTYsDDDKNbY9BtSQSr0EAoOJ0 +X27H4KDqHzWGSfl+4lVTyMs =v15o -----END PGP SIGNATURE-----
Current thread:
- Company Firewall's IP Address tony tony (Nov 13)
- RE: Company Firewall's IP Address Michael S Hines (Nov 13)
- Re: Company Firewall's IP Address Edward N Schofield (Nov 13)
- RE: Company Firewall's IP Address Vince Hillier (Nov 15)
- RE: Company Firewall's IP Address Vince Hillier (Nov 14)
- Re: Company Firewall's IP Address Eric Balsa (Nov 14)
- Re: Company Firewall's IP Address Mike Dresser (Nov 14)
- RE: Company Firewall's IP Address Bill Lavalette (Nov 14)
- Re: Company Firewall's IP Address David J. Bianco (Nov 14)
- Re: Company Firewall's IP Address Bill Hamel (Nov 16)
- Re: Company Firewall's IP Address Igor' Spivak (Nov 14)
- Re: Company Firewall's IP Address John Jasen (Nov 15)
- RE: Company Firewall's IP Address Rick Darsey (Nov 15)
- Re: Company Firewall's IP Address Steve Cooper (Nov 15)
(Thread continues...)