Firewall Wizards mailing list archives

Re: Private IP going outside of the firewall

From: Ravi Kumar <ravivsn () roc co in>
Date: 24 Nov 2003 12:44:24 +0530

Hi,
 The router with firewall can understand the interfaces IPs and will
look into routing table before routing the packet and checks  spoofed
packets.

Just try out this;
ping -a 192.168.1.5
to know the host name. If its a windows machine it will give you the
hostname. 

Another possibility could be spoofing of packets. If your firewall is
weak to detect spoofed packets then you better change Firewall :)

You can run tcpdump or ethereal to see the hardware address of the
192.168.1.5 machine.

What is the firewall box IP???

Hope this helps,
Best Regards,
Ravi Kumar CH.

iSecure- Firewall,VPN,L2Tp/IPSec,IIPS and more.,
Rendezvous On Chip (I) Pvt Ltd,
http://www.roc.co.in
Hyderbad
INDIA.

On Sat, 2003-11-22 at 02:25, Maria Wing wrote:

I have this problem:
We have this internal IP address (192.168.1.5) that somebody is using and I 
just need to know who/what machine.....It is suppose to be inside the 
company, my network configuration is really basic:
line -> router/gateway -> firewall (NAT) -> switch/hub
we use 192.168.1.x with 255.255.255.0
If I disconnect the firewall from the router/gateway I lost contact with the 
192.168.1.5 (it is not answering the pings)
When I use traceRoute, shows me:
from my machine (private IP) goes to -> router (public ip) -> ISP wan IP 
address (Public IP) -> 192.168.1.5 (Private IP)

Why the answer is coming from outside?...
We use static IP. We use NAT on the firewall. Also we use VPN and if I ping 
a computer using VPN I see something like this:
my machine -> the vpn machine
Thanks for any help

_________________________________________________________________
Need a shot of Hank Williams or Patsy Cline?  The classic country stars are 
always singing on MSN Radio Plus.  Try one month free!  
http://join.msn.com/?page=offers/premiumradio

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Private IP going outside of the firewall Maria Wing (Nov 23)
- Re: Private IP going outside of the firewall Ravi Kumar (Nov 24)