Security Basics mailing list archives

Re: Company Firewall's IP Address

From: "Frederick Garbrecht" <fgarbrecht () ecogchair org>
Date: Sat, 16 Nov 2002 23:42:03 -0500

The packets have the firewall's external interface ip as their destination
ip field; the firewall handles the address translation back to the internal
host.  When you initiate an outbound connection from an internal host, the
firewall substitutes the 'hide-NAT' address (the firewall's external
interface address) for your host's non-routable address in the source ip
field of the ip packet, and the firewall stores the source port 'p' (>1024).
If the firewall subsequently receives an inbound packet at its external
interface with a destination port 'p', it associates that port number with
your host's non-routable internal address and routes the packet accordingly.
(At least this is how Checkpoint does it).
Fred
----- Original Message -----
From: "Bill Hamel" <billh () bugs hamel net>
To: "Meritt James" <meritt_james () bah com>
Cc: <Leonard.Ong () nokia com>; <shuffle3 () insightbb com>;
<tonytorri () yahoo com>; <security-basics () securityfocus com>;
<cisaca-l () purdue edu>
Sent: Friday, November 15, 2002 10:42 PM
Subject: Re: Company Firewall's IP Address

Then routing wise, how do the packets find their way back to the firewall
if they don't know the source IP ? ?


On Fri, 15 Nov 2002, Meritt James wrote:

Such is not the case.  I've done otherwise.

Bill Hamel wrote:


Unless I am missing something in the question, no matter what you do,
what/whoever you connect to through a firewall will always know the IP
address of the the trusted interface of the firewall.

-bh

On Wed, 13 Nov 2002, Meritt James wrote:

"an" IP Address - not necessarily the originating individual.  There

are

a LOT of ways around that.

Jim

Leonard.Ong () nokia com wrote:

There is nothing new about finding your IP Address and display it

on the web page.


--
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566


--
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566

Current thread:

Re: Company Firewall's IP Address, (continued)
- Re: Company Firewall's IP Address Ivan Coric (Nov 16)
- Re: Company Firewall's IP Address Meritt James (Nov 16)
  - Re: Company Firewall's IP Address Bill Hamel (Nov 15)
    - Re: Company Firewall's IP Address Meritt James (Nov 16)
    - Re: Company Firewall's IP Address Bill Hamel (Nov 16)
- Re: Company Firewall's IP Address Edward N Schofield (Nov 16)
  - Re: Company Firewall's IP Address Bill Hamel (Nov 15)
- RE: Company Firewall's IP Address Leonard.Ong (Nov 16)
- Re: Company Firewall's IP Address Meritt James (Nov 16)
  - Re: Company Firewall's IP Address Bill Hamel (Nov 16)
    - Re: Company Firewall's IP Address Frederick Garbrecht (Nov 18)
    - Re: Company Firewall's IP Address Andre Speelmans (Nov 19)
    - Re: Company Firewall's IP Address Meritt James (Nov 18)
    - Re: Company Firewall's IP Address Bill Hamel (Nov 22)
- RE: Company Firewall's IP Address Louis Erickson (Nov 17)
- RE: Company Firewall's IP Address John Canty (Nov 17)
  - query on firewall throughput..... SaiKrishna (Nov 18)
- RE: Company Firewall's IP Address Eric Schroeder (Nov 19)
- Re: Company Firewall's IP Address Eric Schroeder (Nov 19)
  - Re: Company Firewall's IP Address Bill Hamel (Nov 19)
  - RE: Company Firewall's IP Address Benjamin Meade (Nov 22)