Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Gone paranoid: private IP to public IP!!

Hello my friends. Until short ago I used to lead a less stressing life and used to think of a certain luck I had when people discussed security issues on this list because it practically wasn't any of my concern. And you want to know why? Well, because I had practically all my flanks protected: my network users think I'm speaking traditional chinese when I talk about anything else than Photoshop and Illustrator and the outside world was kind of inexistent to me because my ISP has kept me on a private IP basis. My connection to the internet was masqueraded at least three times (!!) if my suspicions are correct, so it was next to impossible to get to my network from the outside world. But now, oh now!!! things have changed a bit and the subject of this message already says why.

Yesterday I realized that my ISP had changed me from a private address to a public address just like that, just out of the blues! It happened when I was checking the IP the ISP provided Cisco router dynamically assigns to my MOSXS box (which nat's all my hosts), and saw that it went from a 10.x.x.x address to a 200.x.x.x one. I froze at the very instant! Of course I was happy when considering all the advantages this (unrequested) change would bring along (and at no extra cost), but also was terrified when I realized that my server is PERFECTLY VISIBLE on the internet now. Of course I did not delay one second to check the Cisco's own IP and confirm that it and my box's were perfectly routable and ping'able from the outside world (and off-site friend confirmed this for me also). At this point all the security issues I had previously overlooked feel on me like heavy rock and started searching for possible open holes that might jeopardize the integrity of my server. Thankfully, but up to a point regrettably, the Cisco router blocks all lower-numbered port incoming connections, so no dns, http, ftp, ssh, ... request can make it through, so I guess that many possible security holes are covered there. But I still considered the undesired possibility of any malicious hacker getting through and reaching my server.

So my question here is, what security checks should I perform on my server to find all potential open holes? What security measures should I take? What are the obvious steps an intruder would take to find holes and how can I circumvent that? In short, what are the basic things I should do to calm down the paranoia-driven thought that I might be getting hacked right now?!

I still don't know why my ISP made such a strange move. I'm still thinking that someone gooffed and changed something that shouldn't have. So maybe my current situation will not last long and I will be moved to private IPs again shortly. But I really don't care about that too much right now. The change could be either permanent or temporary, I want to know that I am as safe and protected as possible against attacks from people who have nothing better to do.

Thanks in advance for the help and insight on the subject. As I said before, all this has been something that I have overlooked quite irresponsibly until now. Unfortunately I'm going to have to learn the hard way now.

Regards to all and thanks for your time. Sincerely,...


Juan.
_______________________________________________
macos-x-server mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/macos-x-server
Do not post admin requests to the list. They will be ignored.


Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.