RE: Company Firewall's IP Address

["John Canty" <John.Canty () Vibro-Meter com>]

<snip>
InternetALERT is an absolute "MUST" for anyone connecting to the
Internet! It will notify you if someone is breaking into your computer,
stop them dead in their tracks, and even build a visual map showing you
the Attacker's ISP (Internet Service Provider) location! You can now
connect to the Internet with the comfort and security of knowing that no
one from the Internet can access your computer without your knowledge or
permission!
<snip>
if you saw it on the same page you saw this, it shouldn't have raised a
concern. I'd be a nice idea if you could buy security in a brown box
with string tied around it, maybe even a little bow.

//John

-----Original Message-----
From: Steve Cooper [mailto:steve () nuclear-monkeys co uk] 
Sent: Wednesday, November 13, 2002 4:40 PM
To: tony tony
Cc: security-basics () securityfocus com
Subject: Re: Company Firewall's IP Address

On Tue, 2002-11-12 at 22:09, tony tony wrote:
> I was doing security research on the internet at work
yesterday....when all of
> a sudden I got a pop up advertisement that stated that I was
broadcasting my IP
> address to the entire internet.  It then showed a screen with my IP
address
> which was the the external IP interface of one of our companies
firewalls 
> It just bothers me that someone would be able to determine the IP
address of
> our firewall that easily.  It seems to me that our firewall should
operate in a
> more stealth mode.  Our firewall administrator said it is not
technically
> possible to do this.  What is your take?...I am not a checkpoint
firewall guru...so
> I do not know.   All I know is that if I was a hacker, I would love to
hammer
> away on an ip address that represented a firewall. 
>
> Click on the following to learn more about this pop up site. 
>
> http://www.bonzi.com/internetalert/ia99m.asp
>
>
> __________________________________________________
> Do you Yahoo!?
> U2 on LAUNCH - Exclusive greatest hits videos
> http://launch.yahoo.com/u2


Your admins right, your IP has to be known in order for information to
be returned from the internet to you and a companys external IP's are
easy to find with legal tools and websites like samspade.org or whois
queries with domain registrars.
It's the ports that are open on your IP address that are the real
danger, in order to hack your PC an attacker will need some ports open
so they can send information through those ports. If your firewall is
securely configured and you don't host any web or mail servers that
allow trafic inside then you should be ok.