Re: Hopefully this is an intelligent question

From: Bill Matherly Jr (bmatherlyjr_at_cox.net)
Date: 05/06/03


Date: Tue, 06 May 2003 17:42:30 GMT

Dave Thornburgh wrote:
> "Bill Matherly Jr" <bmatherlyjr@cox.net> wrote in message
> news:1rRta.31381$3n5.17312@news2.central.cox.net...
>
>>So your suggesting that if I am doing the auditing at the person's
>>physcial PC I should go ahead and use the loopback IP, and if I am
>>attempting to audit it remotely just use the server assigned IP?
>
>
>
> Not at all. I'm suggesting that you audit from another PC, using the
> external address of the target. Auditing a PC from that same PC can be
> misleading at best - some services may handle traffic at the loopback
> address differently than traffic at the external address. Also, any
> security measures (installed software firewall, operating system settings,
> etc.) may be less effective against traffic coming from inside that machine,
> no matter what address the traffic is aimed at. The only true test of a
> machine's vulnerabilities has to come from outside.
>
> You may as well just give up on the whole concept of the loopback address -
> it's just not germane to the concept of auditing for security purposes.
>
> Dave

I was afraid you were going to tell me that :]

thanks for the input, Dave

Bill