• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

TMG security show internal IPs

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Threat Management Gateway (TMG) 2010] >> General >> TMG security show internal IPs Page: [1]
Login
Message << Older Topic   Newer Topic >>
TMG security show internal IPs - 26.Oct.2011 7:15:15 AM   
machamma

 

Posts: 14
Joined: 11.Jun.2008
Status: offline
Dear Friends,

Recently one guy from a security company sent me an report of some tests that he made against my firewall (TMG All patched).

On that report he said that because of a Windows vulnerability he could list all my IPs of internal network.

He sent me a list of those IPs, and he is right.

Could you please give me any directions of how can I find this security problem?

I donŽt have any idea.

Best Regards
Post #: 1
RE: TMG security show internal IPs - 26.Oct.2011 8:23:34 AM   
dvizzle

 

Posts: 236
Joined: 20.Apr.2009
Status: offline
Did he send you the report? Most of those companies or software packages that do those security scans, link you to solutions to the problem within the report.

(in reply to machamma)
Post #: 2
RE: TMG security show internal IPs - 26.Oct.2011 8:33:43 AM   
machamma

 

Posts: 14
Joined: 11.Jun.2008
Status: offline
Dear dvizzle,

The problem is that he just sent me the problem, if I want details, IŽll have to pay.

IŽd like to know if thereŽs any other way to try to detect what vulnerability is this...

My TMG has 2 Nics, all patched, I donŽt have any idea what would cause this.

Thanks

(in reply to machamma)
Post #: 3
RE: TMG security show internal IPs - 26.Oct.2011 9:04:18 AM   
dvizzle

 

Posts: 236
Joined: 20.Apr.2009
Status: offline
Download an open source linux boot CD like Knoppix, and run some of the open source security scanners against your TMG box like nessus or nmap.

(in reply to machamma)
Post #: 4
RE: TMG security show internal IPs - 26.Oct.2011 9:27:02 AM   
machamma

 

Posts: 14
Joined: 11.Jun.2008
Status: offline
Thanks!

IŽll see what I can do... I am not good at all with Linux.

Best Regards

(in reply to dvizzle)
Post #: 5
RE: TMG security show internal IPs - 27.Oct.2011 12:10:59 PM   
machamma

 

Posts: 14
Joined: 11.Jun.2008
Status: offline
Hi!

I found a Windows version of Nessus (Home License) adn nmap.

Both of them did not find any critical problem, nessus just mentioned low, dns name resolution, and 4 more things..

Do you have anything else that i can try to identify how could be possible to list my internal IPs through TMG external interface?

I mean, for example: TMG internal NIC 192.168.1.100

He sent me a list of 192.168.1.200, 192.168.1.201, 192.168.1.202, and these IPs are my internal servers.

Thanks again!!

(in reply to machamma)
Post #: 6
RE: TMG security show internal IPs - 27.Oct.2011 2:52:08 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

interesting. Did he scan your TMG from internet?

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to machamma)
Post #: 7
RE: TMG security show internal IPs - 28.Oct.2011 3:58:54 AM   
machamma

 

Posts: 14
Joined: 11.Jun.2008
Status: offline
Hi Paulo,

Yes, from Internet!

Regards,
Marcos

(in reply to paulo.oliveira)
Post #: 8
RE: TMG security show internal IPs - 28.Oct.2011 11:47:46 AM   
railfan

 

Posts: 62
Joined: 13.Sep.2011
Status: offline
What is the name of the security company that send you the report?

I would be highly suspicious.  Are you publishing anything from within TMG itself? 

Make sure you aren't dealing with a botnet or spyware company that harvested your internal IPs from a compromised PC in your network.

(in reply to machamma)
Post #: 9

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Threat Management Gateway (TMG) 2010] >> General >> TMG security show internal IPs Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts