Security Basics mailing list archives

Re: External Penetration Question


From: Chris Largret <largret () gmail com>
Date: Tue, 08 Aug 2006 11:38:29 -0700

On Tue, 2006-08-08 at 02:47 -0700, thatch wrote:
> This may seem a bit basic but I'm struggling to get my head around the
> following concept:
>
> If I have a network and it's configured with a 10.x.x.x IP address scheme,
> it's sitting behind a firewall and all connections to the internet are NAT'd
> out. How could any PCs become exploited when the addresses of these are
> non-routable? After all, if an attacker is able to exploit a vulnerability in
> my firewall and gain access to that particular device I don't quite see how
> he or she could penetrate any further into the network than where the public
> IP addresses stop.
>
> I've read plenty on this and will continue to do so but maybe I must have
> missed a page because this seems to be the bit of the jigsaw that is
> missing. Can anyone explain or just provide me with a link?


The idea is that if someone could penetrate into one machine, they will
be able to talk to other machines on your network. For instance, if I
have a proxy in a DMZ, someone could connect to the proxy and use it to
connect to the router (192.168.1.1 for many homes). Imagine the havoc
you could wreak with that :)

If the attacker compromises one machine, it is essentially a proxy for
whatever he wants to do. If there aren't additional layers of protection
in place, he could talk to any other computer on the same network. Look
for ways to compromise them. :)

--
Chris Largret <http://www.largret.com>
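
The point made in the reply above, worked through as an added example (not part of the original post): a small reachability model comparing a flat 10.x.x.x network with a segmented one after a single NAT-published host is compromised. The host names, addresses and rule sets are constructed for illustration, and the model assumes any permitted flow can be used as a relay hop.

```python
import ipaddress
from collections import deque

# Constructed sample topology (names and addresses are illustrative).
HOSTS = {
    "internet": "203.0.113.50",  # outside party, documentation address range
    "proxy":    "10.0.1.10",     # DMZ proxy, published through NAT
    "router":   "10.0.0.1",
    "fileserv": "10.0.2.20",
    "desktop":  "10.0.3.30",
}

# Rules are (source network, destination network, action); first match wins.
FLAT = [
    ("0.0.0.0/0", "10.0.1.10/32", "allow"),    # inbound NAT forward to proxy
    ("10.0.0.0/8", "10.0.0.0/8", "allow"),     # no internal filtering at all
]
SEGMENTED = [
    ("0.0.0.0/0", "10.0.1.10/32", "allow"),    # same published service
    ("10.0.1.0/24", "10.0.0.0/8", "deny"),     # DMZ may not open sessions inward
    ("10.0.3.0/24", "10.0.2.20/32", "allow"),  # desktops may use the file server
]

def allowed(rules, src, dst):
    """First-match rule evaluation with an implicit default deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for src_net, dst_net, action in rules:
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action == "allow"
    return False

def exposure(rules, start="internet"):
    """Hosts reachable from `start` if every reached host can relay traffic."""
    seen, queue = {start}, deque([start])
    while queue:
        here = queue.popleft()
        for name, addr in HOSTS.items():
            if name not in seen and allowed(rules, HOSTS[here], addr):
                seen.add(name)
                queue.append(name)
    return seen - {start}

if __name__ == "__main__":
    print("flat:     ", sorted(exposure(FLAT)))
    print("segmented:", sorted(exposure(SEGMENTED)))
```

In the flat rule set the private addressing blocks every direct connection from outside except the one to the proxy, yet all four hosts end up exposed through it; the internal deny rule in the segmented set is what limits exposure to the proxy alone.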

