Re: [fw-wiz] Private IP going outside of the firewall

From: Ravi Kumar (ravivsn_at_roc.co.in)
Date: 11/24/03

  • Next message: Adam Lang: "[fw-wiz] Pix admin tools" 
    To: Maria Wing <mariawing@hotmail.com>
Date: 24 Nov 2003 12:44:24 +0530

    Hi,
     The router with firewall can understand the interfaces IPs and will
    look into routing table before routing the packet and checks spoofed
    packets.

    Just try out this;
    ping -a 192.168.1.5
    to know the host name. If its a windows machine it will give you the
    hostname.

    Another possibility could be spoofing of packets. If your firewall is
    weak to detect spoofed packets then you better change Firewall :)

    You can run tcpdump or ethereal to see the hardware address of the
    192.168.1.5 machine.

    What is the firewall box IP???

    Hope this helps,
    Best Regards,
    Ravi Kumar CH.

    iSecure- Firewall,VPN,L2Tp/IPSec,IIPS and more.,
    Rendezvous On Chip (I) Pvt Ltd,
    http://www.roc.co.in
    Hyderbad
    INDIA.

    On Sat, 2003-11-22 at 02:25, Maria Wing wrote:
    > I have this problem:
    > We have this internal IP address (192.168.1.5) that somebody is using and I
    > just need to know who/what machine.....It is suppose to be inside the
    > company, my network configuration is really basic:
    > line -> router/gateway -> firewall (NAT) -> switch/hub
    > we use 192.168.1.x with 255.255.255.0
    > If I disconnect the firewall from the router/gateway I lost contact with the
    > 192.168.1.5 (it is not answering the pings)
    > When I use traceRoute, shows me:
    > from my machine (private IP) goes to -> router (public ip) -> ISP wan IP
    > address (Public IP) -> 192.168.1.5 (Private IP)
    >
    > Why the answer is coming from outside?...
    > We use static IP. We use NAT on the firewall. Also we use VPN and if I ping
    > a computer using VPN I see something like this:
    > my machine -> the vpn machine
    > Thanks for any help
    >
    > _________________________________________________________________
    > Need a shot of Hank Williams or Patsy Cline? The classic country stars are
    > always singing on MSN Radio Plus. Try one month free!
    > http://join.msn.com/?page=offers/premiumradio
    >
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Adam Lang: "[fw-wiz] Pix admin tools"

    Relevant Pages

    • Re: netmasks and subnets
      ... >> applies to your firewall forwarding which, ... it for X,Y,Z reasons), then sending through to an internal interface. ... is not really routing as you know it. ... the packets from one internal interface to another. ...
      (comp.os.linux.networking)
    • Re: Im I being targeted?
      ... But the packets did not occur at the correct time, ... As far as IPv6... ... firewall and Internet Connection Firewall can't block IP version 6 ... causing a lockup of my home DSL and/or router, ...
      (comp.security.firewalls)
    • Re: port 80 is open
      ... you said above would be true if a software firewall is used since that is ... the PC so the ISP's router would see the hardware firewall but not the PC ... ISP would know that I am active since it would see packets coming from me ... If you have a connection to your ISP at all (you have a piece ...
      (comp.security.firewalls)
    • Re: Hardware router with firewall - how to configure?
      ... >The router is made by PheeNet ... >1) is the buil-in firewall enough to make my LAN safe? ... >4) what should I enter in the Outbound Packet Filter? ... Outbound filter applies on all outbound packets. ...
      (comp.security.firewalls)
    • Re: Linux Is A Bore
      ... If you have an internal LAN, which has a gateway through a router, you're ... In any of the latter cases, iptables is the way to go. ... There are those who will tell you that you don't need a firewall if you keep ... by inspecting the incoming packets and having iptables decide whether or not ...
      (comp.os.linux.misc)