Firewalls: Multiple addresses

Firewalls
(April 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Multiple addresses
From:	padgett @ tccslr . dnet . mmc . com (A. Padgett Peterson, P.E. Information Security)
Date:	Mon, 3 Apr 95 21:56:50 -0400
To:	"firewalls @ greatcircle . com"@UVS1.dnet.mmc.com

Alan rites:
>  Now, I have to ask myself, what are some uses of multiples ip numbers on
>one address?   I see the usefulness for servers, like FTP, Web, etc...; but how
>about for Security and Breach detection?

You recall I mentioned a "minefield", well suppose that a PC was set 
on the firewall feed and *all* unused subnet addresses in your domain
that came from the great beyond were recognized/alarmed/logged by that one 
machine (or maybe two identical ones if you like redundancy). Need I say
more ?
					Warmly,
						Padgett

Follow-Ups:

Re: Multiple addresses
From: mshaver @ schoolnet . carleton . ca (Mike Shaver)

Indexed By Date	Previous:	Re: How to detect SATAN surfing attempts ? From: paul @ hawksbill . sprintmrn . com (Paul Ferguson)
Indexed By Date	Next:	swipe From: johnb @ jbxs1 . jbx . com (John Boudreaux)
Indexed By Thread	Previous:	Exports and ITAR From: padgett @ tccslr . dnet . mmc . com (A. Padgett Peterson, P.E. Information Security)
Indexed By Thread	Next:	Re: Multiple addresses From: mshaver @ schoolnet . carleton . ca (Mike Shaver)