Re: LAN IPs Exposed on Internet

support · ‎02-01-2005

Hi,

My LAN is behind a PIX 515 and we are doing PAT for accessing the Internet. When browsing the website http://www.auditmypc.com/acronym/CSIV2.aspm I see my LAN IP displayed on the site, this behaviour holds true when someone in my LAN enters MSN Chat.

Please help me in understanding this behaviour, Isn't the PIX supposed to hide the LAN IP's ? what security implications can this have ? is my LAN safe behind the PIX ?

Thanks a lot in advance

Best Regards

Shiva

sachinraja · ‎02-02-2005

Hi shiva,

when you do PAT, all inside PCs are translated to a single public IP on the outside.. This IP , if visible on the internet cannot harm anything for your inside PCs.. The inside PCs will have private IPs which will obviously not be visible in internet.. additionally, no traffic can enter your PIX and go to your PCs, unless you have given access to....

any data from outside to inside is always blocked, unless you configure an access-list or conduit and allow it... so, you can be sure that this will not have any security implications on ur network. there might be some sniffing programs running on those sites, which might tell your ip address, but there is no way pix is going to allow packets from these servers.

Raj

jboyer · ‎02-02-2005

The pix address translation rewrites the ip header but that doesn't stop higher level protocols that may have the ip address inside the data packet. It is a security concern from a reconnaissance perspective but the problem is application security-not network security.