RE: Link from corporate site to internal corp. network

From: Burton M. Strauss III (bstrauss3@attbi.com)
Date: 08/02/02 

From: "Burton M. Strauss III" <bstrauss3@attbi.com>
To: <security-basics@securityfocus.com>
Date: Fri, 2 Aug 2002 11:41:49 -0500

If it's truly a private network then it will be a broken link - that is it
won't resolve to anything. People can click on it, but it won't go
anywhere.

Say the internal machine is dopey.internal.mycompany.com on a page on
www.mycompany.com

For outside users, the browser will try to resolve "dopey" and get to
"mycompany.com"'s external DNS server who will return "not found"

For internal users, the browser will try to resolve "dopey" and get to
"mycompany.com"'s internal DNS server who will return "Sure, dopey is
10.1.2.3" and the link will work fine.

What you should do is to use the http headers to detect internal vs.
external users and send them a different version of the page.

-----Burton

-----Original Message-----
From: Chris [mailto:brahma@mendolink.com]
Sent: Thursday, August 01, 2002 1:33 PM
To: security-basics@securityfocus.com
Subject: Link from corperate site to internal corp. network

I am just curious what other professionals out their think of this. I have
been forced into letting our web dev dept. put a link on a company web site
to the internal network which is on private IP's. What security problems
can this cause. I don't really see an obvious issue but I just don't like
the idea myself.

Thank You,

Chris D.
Network Security
Mendo Link, LLC

"An Ounce Of Prevention Is Worth A Pound Of Cure."
Om Namo Narayanaya

Relevant Pages

  • Re: Static route not working for DNS
    ... > using domain name in IE doesn't resolve. ... I've now received a hosts file for this private network. ... >> access a website that is on a private network. ... >> static route in the main router pointing to another router with the ...
    (microsoft.public.backoffice.smallbiz)
  • RE: Error binding to local domain
    ... away because I was away for a couple weeks and I do not force permissions on ... The permissions dialog just times out trying to resolve the ... >> following event "Windows cannot query for the list of Group Policy objects. ... >> An Active Directory, network connectivity, or network configuration problem ...
    (microsoft.public.windows.server.sbs)
  • Re: Cant establish a network.
    ... "John John" wrote in message ... That is not to say that you should keep on beating a dead horse, if the thread is going nowhere or if it has been hijacked by posters who have nothing of value to add to the problem at hand then you definitely should start a new thread. ... If you feel that you are getting further ahead in your troubleshooting efforts and that you prefer to start new threads with new topics to resolve the problem then you should do as you see fit. ... It is not for me to tell anyone how to post, I only suggested that it was difficult to follow your efforts and the suggestions made by the poster to help you resolve the errors and come to a successful conclusion with the network problem. ...
    (microsoft.public.windowsxp.general)
  • Re: Cant establish a network.
    ... The current newsgroup seems to do it about a day after each ... still see the replies coming from other posters in other groups. ... resolve the problem then you should do as you see fit. ... As for the network problem, ...
    (microsoft.public.windowsxp.general)
  • Re: Cant establish a network.
    ... That is not to say that you should keep on beating a dead horse, if the thread is going nowhere or if it has been hijacked by posters who have nothing of value to add to the problem at hand then you definitely should start a new thread. ... Maybe I'm dense but isn't this a system of daily forced abandonment? ... If you feel that you are getting further ahead in your troubleshooting efforts and that you prefer to start new threads with new topics to resolve the problem then you should do as you see fit. ... It is not for me to tell anyone how to post, I only suggested that it was difficult to follow your efforts and the suggestions made by the poster to help you resolve the errors and come to a successful conclusion with the network problem. ...
    (microsoft.public.windowsxp.general)