[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: [LI] Machine with private IP address on Internet (May be offtopic?)

Subject: Re: [LI] Machine with private IP address on Internet (May be offtopic?)
From: "Srikrishnan Chitoor" <krishnan@xxxxxxxxxxxxx>
Date: Thu, 30 Sep 1999 09:56:21 +0530

Ahaah!

  So I can decide to keep my sensitive database on a machine in the same LAN
as the web server (which contacts the database for requests) and give it a
private IP address and it will be safer than before.

  Isn't that a valid application?

- -Krishnan.
- ----- Original Message -----
From: Chetan Kumar <chetansk@xxxxxxxxxxxxxxxx>
To: Srikrishnan Chitoor <krishnan@xxxxxxxxxxxxx>
Cc: <linux-india@xxxxxxxxxxxxxxxxxxxxx>
Sent: Wednesday, September 29, 1999 5:31 PM
Subject: Re: [LI] Machine with private IP address on Internet (May be
offtopic?)


> On Tue, 28 Sep 1999, Srikrishnan Chitoor wrote:
>
> *>
> *>(a) Cracker can use methods M1, M2 and M3 to crack a machine with static
IP
> *>address behind a firewall.
> *>(b) Cracker has only access to M4 for accessing a machine with
non-routable
>
>
> Well one thing, what are you going to do with a machine with non-routable
> IP number connected to Internet. (Just want to see how many can crack ur
> system, I remember M$ exp on this :-)). Since you really can not do much
> with a machine with private IP address on Internet, not many ppl have
> thought of cracking a host with provate IP numbers. So a a sort of safe,
> but what do you achieve with this ?? !!
>
>
> *>IP address even if it is not behind a firewall.
> *>
> *> Atul talked about IP spoofing (any pointers to resources on the net
which
> *>talk about this?). Are there any other ways.
>
>
> Spoofing was very common in older sun yp. Spoofing is making the client to
> believe you as the server, like configuring a fake ypmaster and get yp
> passwd fo clients. Also there is snooping, where you just capture
> all packets on network. (man tcpdump)
>
> -Chetan S
>
> *>
> *>-Krishnan.
> *>----- Original Message -----
> *>From: <binand@xxxxxxxxxxxxxxxxxxxxx>
> *>To: <linux-india@xxxxxxxxxxxxxxxxxxxxx>
> *>Sent: Monday, September 27, 1999 6:41 PM
> *>Subject: Re: [LI] Machine with private IP address on Internet (May be
> *>offtopic?)
> *>
> *>>My 2 cents worth on this.
> *>>
> *>>If your ISP assigns you a dynamic IP address, then knowing that
address, I
> *>>can attack your system. The IP addres 192.168.1.100 is typically
assigned
> *>>to the eth0 interface, whereas the dynamic address is assigned to the
> *>>ppp0/ippp0 interface of the dialup connection. It is always advisable
to
> *>>have a firewall if you are afraid of cracker attacks (to verify this,
> *>>connect to the internet, note the dynamic IP address, go to another
> *>>computer - also on the net - and try to telnet to your linux machine
> *>>using the dynamic IP address).
> *>>
> *>>Of course, a static IP address is known all over the world, while a
> *>>dynamic one gets changed quite frequently, so to find out the dynamic
> *>>address is a task on its own. In any case, it is better to have a
firewall
> *>>to block off those unwanted people trying to crash your computer.
> *>>
> *>>VSNL, in Bombay, assigns IP addresses in the range 202.54.*.*. It is
> *>>possible to write code to loop over this set of IP addresses and locate
> *>>the linux machines among these. The easiest way (I think) is to try to
> *>>establish a TCP/IP connection to one of the well known ports and try to
> *>>figure out what the system is from the response (eg, version numbers of
> *>>programs on smtp, pop-3, ftp ports etc.)
> *>>
> *>>So, whatever the kind of internet connection you have, it is always
> *>>better to set up a firewall. With a static IP address, it becomes
almost
> *>>mandatory. :-)
> *>>
> *>>Binand
> *>
> *>
> *>
> *>--------------------------------------------------------------------
> *>For more information on Linux in India visit http://www.linux-india.org/
> *>The Linux India mailing list does not accept postings in HTML format.
> *>
>
> ATM: A Technical Mistake
> ---  - -         -
>
> --------------------------------------------------------------------
> For more information on Linux in India visit http://www.linux-india.org/
> The Linux India mailing list does not accept postings in HTML format.
>


- --------------------------------------------------------------------
For more information on Linux in India visit http://www.linux-india.org/
The Linux India mailing list does not accept postings in HTML format.

------------------------------

Prev by Subject: Re: [LI] Machine with private IP address on Internet (May be offtopic?)
Next by Subject: Re: [LI] Machine with private IP address on Internet (May be offtopic?)
Previous by thread: Re: [LI] Machine with private IP address on Internet (May be offtopic?)
Next by thread: Re: [LI] Machine with private IP address on Internet (May be offtopic?)
Index(es):
- Subject
- Thread