Security Basics mailing list archives
Re: Company Firewall's IP Address
From: "Frederick Garbrecht" <fgarbrecht () ecogchair org>
Date: Sat, 16 Nov 2002 23:42:03 -0500
The packets have the firewall's external interface ip as their destination ip field; the firewall handles the address translation back to the internal host. When you initiate an outbound connection from an internal host, the firewall substitutes the 'hide-NAT' address (the firewall's external interface address) for your host's non-routable address in the source ip field of the ip packet, and the firewall stores the source port 'p' (>1024). If the firewall subsequently receives an inbound packet at its external interface with a destination port 'p', it associates that port number with your host's non-routable internal address and routes the packet accordingly. (At least this is how Checkpoint does it). Fred ----- Original Message ----- From: "Bill Hamel" <billh () bugs hamel net> To: "Meritt James" <meritt_james () bah com> Cc: <Leonard.Ong () nokia com>; <shuffle3 () insightbb com>; <tonytorri () yahoo com>; <security-basics () securityfocus com>; <cisaca-l () purdue edu> Sent: Friday, November 15, 2002 10:42 PM Subject: Re: Company Firewall's IP Address
Then routing wise, how do the packets find their way back to the firewall if they don't know the source IP ? ? On Fri, 15 Nov 2002, Meritt James wrote:Such is not the case. I've done otherwise. Bill Hamel wrote:Unless I am missing something in the question, no matter what you do, what/whoever you connect to through a firewall will always know the IP address of the the trusted interface of the firewall. -bh On Wed, 13 Nov 2002, Meritt James wrote:"an" IP Address - not necessarily the originating individual. There
are
a LOT of ways around that. Jim Leonard.Ong () nokia com wrote:There is nothing new about finding your IP Address and display it
on the web page.
-- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566-- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566
Current thread:
- Re: Company Firewall's IP Address, (continued)
- Re: Company Firewall's IP Address Ivan Coric (Nov 16)
- Re: Company Firewall's IP Address Meritt James (Nov 16)
- Re: Company Firewall's IP Address Bill Hamel (Nov 15)
- Re: Company Firewall's IP Address Meritt James (Nov 16)
- Re: Company Firewall's IP Address Bill Hamel (Nov 16)
- Re: Company Firewall's IP Address Bill Hamel (Nov 15)
- Re: Company Firewall's IP Address Edward N Schofield (Nov 16)
- Re: Company Firewall's IP Address Bill Hamel (Nov 15)
- RE: Company Firewall's IP Address Leonard.Ong (Nov 16)
- Re: Company Firewall's IP Address Meritt James (Nov 16)
- Re: Company Firewall's IP Address Bill Hamel (Nov 16)
- Re: Company Firewall's IP Address Frederick Garbrecht (Nov 18)
- Re: Company Firewall's IP Address Andre Speelmans (Nov 19)
- Re: Company Firewall's IP Address Meritt James (Nov 18)
- Re: Company Firewall's IP Address Bill Hamel (Nov 22)
- Re: Company Firewall's IP Address Bill Hamel (Nov 16)
- query on firewall throughput..... SaiKrishna (Nov 18)
- Re: Company Firewall's IP Address Bill Hamel (Nov 19)
- RE: Company Firewall's IP Address Benjamin Meade (Nov 22)