Penetration Testing mailing list archives
Re: [PEN-TEST] advertising private IP numbers?
From: "Deus, Attonbitus" <Thor () HAMMEROFGOD COM>
Date: Fri, 22 Dec 2000 09:16:32 -0800
Well, by definition, a Proxy/Firewall has to have ip forwarding turned on, or else it would not achieve the desired effect of passing any traffic.
Insofar as MS Proxy is concerned, this is not true. IP Forwarding should be spefically turned off, or anything on the external segment will be able to route into your private network. The forwarding functionality is provided for by the proxy service itself. I have seen forwarding turned on in cache-only configurations, but it is not the correct setting when standard firewall/packet filtering configurations are used. --------------------------------- Attonbitus Deus Thor () HammerofGod Com
Current thread:
- [PEN-TEST] advertising private IP numbers? securitygeek (Dec 21)
- Re: [PEN-TEST] advertising private IP numbers? Philipp Buehler (Dec 22)
- Re: [PEN-TEST] advertising private IP numbers? Joe Shaw (Dec 22)
- Re: [PEN-TEST] advertising private IP numbers? Bennett Todd (Dec 22)
- <Possible follow-ups>
- Re: [PEN-TEST] advertising private IP numbers? St. Clair, James (Dec 22)
- Re: [PEN-TEST] advertising private IP numbers? van der Kooij, Hugo (Dec 22)
- Re: [PEN-TEST] advertising private IP numbers? Barber, Chris (Dec 22)
- Re: [PEN-TEST] advertising private IP numbers? Dan Schleifer (Dec 22)
- Re: [PEN-TEST] advertising private IP numbers? Jason Paulson (Dec 22)
- Re: [PEN-TEST] advertising private IP numbers? Carric Dooley (Dec 23)
- Re: [PEN-TEST] advertising private IP numbers? Deus, Attonbitus (Dec 22)
- Re: [PEN-TEST] advertising private IP numbers? van der Kooij, Hugo (Dec 23)
- Re: [PEN-TEST] advertising private IP numbers? Dan Schleifer (Dec 22)
- Re: [PEN-TEST] advertising private IP numbers? securitygeek (Dec 22)
- Re: [PEN-TEST] advertising private IP numbers? Carter, Adam (Dec 23)
- Re: [PEN-TEST] advertising private IP numbers? Chris St. Clair (Dec 27)