Re: Company Firewall's IP Address

From: Bill Hamel (billh@bugs.hamel.net)
Date: 11/16/02

Next message: jl: "Re: Secure e-mail"

Previous message: KoRe MeLtDoWn: "Re: any useful links on trojans/RAT's?"
In reply to: Meritt James: "Re: Company Firewall's IP Address"
Next in thread: Edward N Schofield: "Re: Company Firewall's IP Address"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 15 Nov 2002 22:44:22 -0500 (EST)
From: Bill Hamel <billh@bugs.hamel.net>
To: Meritt James <meritt_james@bah.com>

Yes, that is obvious due to NAT. Perhaps you got out of sync with the
thread, then again maybe it was me which is more than likely the case ;)

-b

On Fri, 15 Nov 2002, Meritt James wrote:

> The IP address that the destination replies to does not have to be where
> the human sits. Consider that the originator's IP is not passed in the
> example stated but the business firewall's is. That does not have to be
> the only 'via' which alters the IP address. I know quite well that
> breadcrumbs are not used. And since I've done it, I reckon it is
> possible.
>
> Bill Hamel wrote:
> >
> > Hi,
> >
> > Proxy / Spoof what ? Unless the destination
> > knows the source IP, there is no return path.
> >
> > Remember packets don't leave a trail of bread crumbs so that they can
> > find their way back ;)
> >
> > -b
> >
> > On Thu, 14 Nov 2002, Meritt James wrote:
> >
> > > Proxy. Spoofing.
> > >
> > > Bill Hamel wrote:
> > > >
> > > > Unless I am missing something in the question, no matter what you do,
> > > > what/whoever you connect to through a firewall will always know the IP
> > > > address of the the trusted interface of the firewall.
> > > >
> > > > -bh
> > > >
> > > > On Wed, 13 Nov 2002, Meritt James wrote:
> > > >
> > > > > "an" IP Address - not necessarily the originating individual. There are
> > > > > a LOT of ways around that.
> > > > >
> > > > > Jim
> > > > >
> > > > > Leonard.Ong@nokia.com wrote:
> > > > >
> > > > > > There is nothing new about finding your IP Address and display it on the web page.
> > > > >
> > > > > --
> > > > > James W. Meritt CISSP, CISA
> > > > > Booz | Allen | Hamilton
> > > > > phone: (410) 684-6566
> > > > >
> > >
> > > --
> > > James W. Meritt CISSP, CISA
> > > Booz | Allen | Hamilton
> > > phone: (410) 684-6566
> > >
>
> --
> James W. Meritt CISSP, CISA
> Booz | Allen | Hamilton
> phone: (410) 684-6566
>

Next message: jl: "Re: Secure e-mail"
Previous message: KoRe MeLtDoWn: "Re: any useful links on trojans/RAT's?"
In reply to: Meritt James: "Re: Company Firewall's IP Address"
Next in thread: Edward N Schofield: "Re: Company Firewall's IP Address"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Biometrics used for Authentication
... Which very well may not be the reader. ... >>> James W. Meritt CISSP, CISA ...
(Security-Basics)
Re: Company Firewalls IP Address
... Proxy / Spoof what? ... On Thu, 14 Nov 2002, Meritt James wrote: ... >>> James W. Meritt CISSP, CISA ...
(Security-Basics)
Re: Nmap - 3.50 changes mstask.exe?
... James W. Meritt CISSP, CISA ... Booz | Allen | Hamilton ...
(Incidents)
hiding internal IP addresses
... James W. Meritt CISSP, CISA ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, ...
(Security-Basics)
Re: Computer Security Career
... > James W. Meritt, CISSP, CISA ...
(comp.security.misc)