Great Circle Associates Firewalls
(June 1996)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: IP address for Enterprises use
From: Paul Ferguson <pferguso @ cisco . com>
Date: Thu, 27 Jun 1996 10:10:35 -0400
To: Mario Bai <mbai @ straticom . com>
Cc: firewalls @ GreatCircle . COM

At 09:06 AM 6/27/96 -0400, Mario Bai wrote:

>
>What is the potential problems introduced when using "bogus" or reserved 
>IP address behind a firewall/proxy server? I know that the proxy server 
>should translate all internal IP addresses and only present its own IP 
>address to the Internet (or receiving server), but if you have 
>implemented solely an HTTP proxy server and sophisticated IP filtering 
>on a Cisco router, what are the potential problems that could arise? Are 
>there any circumstances where the internal IP address would "leak" out 
>onto the Internet and cause problems?
>

Yes, 10/8 shows up in the global routing table almost daily because
someone allowed it to be injected into their exterior routing.

And yes, this is a problem.

- paul

--
Paul Ferguson                                           ||        ||
Consulting Engineering                                  ||        ||
Reston, Virginia   USA                                 ||||      ||||
tel: +1.703.716.9538                               ..:||||||:..:||||||:..
e-mail: pferguso @
 cisco .
 com                         c i s c o S y s t e m s



Follow-Ups:
Indexed By Date Previous: Re: IP address for Enterprises use
From: Paul Ferguson <pferguso @ cisco . com>
Next: RE: Re[2]: Java & ActiveX
From: Dana Nowell <DanaNowell @ corsof . com>
Indexed By Thread Previous: Re: IP address for Enterprises use
From: Paul Ferguson <pferguso @ cisco . com>
Next: Re: IP address for Enterprises use
From: Michael Dillon <michael @ memra . com>

Google
 
Search Internet Search www.greatcircle.com