The easiest way to hide system names and IP addresses from external scanners is to use Network Address Translation...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
(NAT) on your network. NAT devices (usually border firewalls) allow you to use private addresses on your internal network and public addresses on your external one. Unless a NAT rule is specifically enabled, such configuration prevents anyone on the Internet from reaching systems that use private addresses.
When using NAT, it's a matter of best practice to use RFC 1918-reserved private address ranges. These include the 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, and 192.168.0.0-192.168.255.255 address ranges. These addresses are not routable over the Internet, and they can protect you from firewall mis-configurations.
- A SearchSecurity.com reader asks whether firewalls alone can block port-scanning activity.
- Is it ever a good idea to put a firewall before a router?
Related Q&A from Mike Chapple
Web application firewalls may be a way to better security, but organizations need to be aware of the compliance implications of WAFs.continue reading
An SEC report shows over three-quarters of financial institutions were subject to at least one cybersecurity attack. Expert Mike Chapple looks at ...continue reading
The Data Accountability and Trust Act is likely to become a law this year. Expert Mike Chapple advises organizations on how to prepare.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.