Re: Company Firewall's IP Address

From: Bill Hamel (billh@bugs.hamel.net)
Date: 11/18/02

    Date: Mon, 18 Nov 2002 17:42:12 -0500 (EST)
    From: Bill Hamel <billh@bugs.hamel.net>
    To: Eric Schroeder <ericschroeder@satel.com>
    
    

    Hi,

    I was responding to the "Such is not the case. I've done otherwise."
    comment below.

    -b

    On Mon, 18 Nov 2002, Eric Schroeder wrote:

    > You just have to configure ARP properly.
    >
    > For example----
    >
    > Internet Router    Firewall                  End User
    > 10.1.1.254         10.1.1.58  192.168.1.1    192.168.1.51
    >
    > You could use NAT on the firewall to hide everyone behind the IP address
    > 10.1.1.1. Then you would have to configure the firewall to respond to arp
    > requests for 10.1.1.1, or you would have to configure the internet router
    > with a static arp entry for 10.1.1.1. But no one ever needs to know the
    > actual IP address of the firewall.
    >
    > FWIW,
    >
    > Eric Schroeder
    > Satel Corporation
    >
    >
    >
    >
    >
    > Bill Hamel <billh@bugs.hamel.net>
    > 11/15/2002 08:42 PM
    >
    >
    > To: Meritt James <meritt_james@bah.com>
    > cc: Leonard.Ong@nokia.com, <shuffle3@insightbb.com>, <tonytorri@yahoo.com>,
    > <security-basics@securityfocus.com>, <cisaca-l@purdue.edu>
    > Subject: Re: Company Firewall's IP Address
    >
    >
    > Then routing-wise, how do the packets find their way back to the firewall
    > if they don't know the source IP?
    >
    >
    > On Fri, 15 Nov 2002, Meritt James wrote:
    >
    > > Such is not the case. I've done otherwise.
    > >
    > > Bill Hamel wrote:
    > > >
    > > > Unless I am missing something in the question, no matter what you do,
    > > > what/whoever you connect to through a firewall will always know the IP
    > > > address of the trusted interface of the firewall.
    > > >
    > > > -bh
    > > >
    > > > On Wed, 13 Nov 2002, Meritt James wrote:
    > > >
    > > > > "an" IP Address - not necessarily the originating individual. There are
    > > > > a LOT of ways around that.
    > > > >
    > > > > Jim
    > > > >
    > > > > Leonard.Ong@nokia.com wrote:
    > > > >
    > > > > > There is nothing new about finding your IP Address and displaying it on the web page.
    > > > >
    > > > > --
    > > > > James W. Meritt CISSP, CISA
    > > > > Booz | Allen | Hamilton
    > > > > phone: (410) 684-6566
    > > > >
    > >
    > > --
    > > James W. Meritt CISSP, CISA
    > > Booz | Allen | Hamilton
    > > phone: (410) 684-6566
    > >
    >
    >
    >
    >
    >
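
The hide-NAT and ARP arrangement discussed in the thread, as an added example that is not part of any poster's message: a small Python model of the router, firewall and end user from the diagram, showing that the remote server only ever sees 10.1.1.1 and that replies reach the firewall only when something maps 10.1.1.1 to its MAC. The MAC address, port numbers and the external server address are constructed assumptions.

```python
# Constructed model of the thread's topology; the MAC, ports and server are made up.
FW_MAC = "02:00:00:00:00:58"
HIDE_IP, FW_OUTSIDE_IP, USER_IP = "10.1.1.1", "10.1.1.58", "192.168.1.51"
SERVER = ("203.0.113.10", 80)

class Firewall:
    def __init__(self, answers_arp_for_hide_ip=False):
        # IPs on the outside segment this box will answer ARP requests for
        self.arp_ips = {FW_OUTSIDE_IP} | ({HIDE_IP} if answers_arp_for_hide_ip else set())
        self.nat = {}            # (hide_ip, hide_port) -> (inside_ip, inside_port)
        self.next_port = 40000

    def arp_reply(self, ip):
        return FW_MAC if ip in self.arp_ips else None

    def outbound(self, src, dst):
        """Hide NAT: replace the inside source with HIDE_IP and record the mapping."""
        mapped = (HIDE_IP, self.next_port)
        self.next_port += 1
        self.nat[mapped] = src
        return {"src": mapped, "dst": dst}

    def inbound(self, pkt):
        """Undo the translation for a reply; unknown flows return None (dropped)."""
        return self.nat.get(pkt["dst"])

class Router:
    def __init__(self, firewall, static_arp=None):
        self.firewall = firewall
        self.arp_table = dict(static_arp or {})

    def resolve(self, ip):
        """Static entry first, otherwise ask the segment (here: the firewall)."""
        return self.arp_table.get(ip) or self.firewall.arp_reply(ip)

def round_trip(fw, router):
    """Return (source IP the server sees, inside host the reply reaches or None)."""
    out = fw.outbound((USER_IP, 51000), SERVER)
    reply = {"src": SERVER, "dst": out["src"]}
    mac = router.resolve(reply["dst"][0])   # router must find a MAC for 10.1.1.1
    delivered = fw.inbound(reply) if mac == FW_MAC else None
    return out["src"][0], delivered

def scenarios():
    plain, proxy = Firewall(), Firewall(answers_arp_for_hide_ip=True)
    return {"no_arp": round_trip(plain, Router(plain)),
            "proxy_arp": round_trip(proxy, Router(proxy)),
            "static_arp": round_trip(plain, Router(plain, {HIDE_IP: FW_MAC}))}
```

Calling `scenarios()` returns the three cases side by side: with no ARP arrangement the reply is never delivered, while either the firewall answering ARP for 10.1.1.1 or a static entry on the router gets it back to 192.168.1.51.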


