Security Basics mailing list archives

Re: Am I over reacting?


From: Leo <thehobbit () altern org>
Date: Fri, 12 Mar 2004 21:53:30 +0100

On Wed, Mar 10, 2004 at 11:19:45AM -0800, Michael Horn wrote:
I'm not sure if I'm overreacting on this or not since
I'm new to the security scene.  This morning during an
on-line seminar that one of our customers was holding,
the presenter had his desktop shared out (so you could
see everything).  One thing I noticed about the web
meeting software was that it was showing everybody's
IP. I've used other web meeting companies and none of
them showed the IPs.  From my understanding if you
have the IP you're halfway to getting into their system.
 If I was a bad boy I could run a port scan to see
what they were running and then exploit it. Is my
thinking correct or am I off base and overreacting?
 
Thank you for your input,
 
Michael Horn

Hi,
 The short answer is... yes, you are. First of all, if there is a
TCP connection, then the system _must_ know the peer IP address. This means
that you can always access it using netstat or similar.

Second, to say that "if you have the IP you're halfway to getting into
their system." is the same as "If you know the street address of
someone you are halfway to robbing him/her". While certainly you can
not enter into my system without knowing my IP, knowing it is far from
giving you access to my system. Of course, you may "run a port scan to
see what they were running and then exploit it.", but the whole point
in security is that you'll not be able to get into my system even
though you can access it in a legitimate way (such as desktop
sharing), doing which requires you (or at least your system) to know
my IP.

My 5cents...
Cheers
--
Leo "TheHobbit"
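
The point in the reply above about TCP peers and netstat, as an added example that is not part of the original post: it decodes the Linux /proc/net/tcp table (the data netstat reads) and opens one loopback connection to show that each end necessarily holds the other's address. The sample rows, the function names and the little-endian host are assumptions made for the example.

```python
import socket
import struct

# Constructed sample in Linux /proc/net/tcp layout (the table netstat reads).
# Addresses are hex IPv4:port as printed on a little-endian host (assumption).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st
   0: 0100007F:1F90 00000000:0000 0A
   1: 0A00000A:01BB 077100CB:C738 01
"""

TCP_ESTABLISHED = 0x01  # 0x0A is LISTEN and has no peer yet


def decode_endpoint(field):
    """Turn '077100CB:C738' into ('203.0.113.7', 51000)."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def established_peers(table_text):
    """Return (local_ip, local_port, peer_ip, peer_port) per established connection."""
    peers = []
    for line in table_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 4 or int(cols[3], 16) != TCP_ESTABLISHED:
            continue
        peers.append(decode_endpoint(cols[1]) + decode_endpoint(cols[2]))
    return peers


def loopback_peer_views():
    """Open one TCP connection over loopback and report what each end sees."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
        srv.listen(1)
        with socket.create_connection(srv.getsockname()) as cli:
            conn, _ = srv.accept()
            with conn:
                return {
                    "server_sees_peer": conn.getpeername(),
                    "client_local": cli.getsockname(),
                    "client_sees_peer": cli.getpeername(),
                    "server_local": conn.getsockname(),
                }


if __name__ == "__main__":
    print(established_peers(SAMPLE_PROC_NET_TCP))
    print(loopback_peer_views())
```

Each side's view of its peer matches the other side's local endpoint, which is why meeting software that displays participant addresses reveals nothing the connection itself had not already disclosed.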
