[OWASP-Bangalore] SourceNAT IP to be in scope for Scanning or not?

N. V. R. K. RAJU nvrkraju4 at gmail.com
Tue Jul 29 00:53:16 UTC 2014


Hi All,

I am unable to come to a conclusion to say the sourceNAT IP of a firewall
should be covered or in-scope for vulnerability scanning.

I get to hear from my network team that firewall managment IP is already
covered to find issues related to Firewall, having source NAT IP included
inscope does not make any sense.

I do agree to them for certain extent that scanning source NAT IP from
external perspective does not fetch any results or may be I could be wrong?
However, I feel there should be a scan performed atleast internally.

Kindly, help me clearing my query.

-- 
Regards,
Raju
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-bangalore/attachments/20140728/f16aac33/attachment.html>


More information about the OWASP-Bangalore mailing list