Is Your System on a Private IP Address Safe from Outside Attacks?

Private IP addresses (172., 192. etc.) are not routable addresses, and not visible to the outside world due to NATing. Even if some incoming traffic for these private IPs does hit a border router, most commercial routers would be configured to not route the traffic.

However, this does not guarantee complete safety from outside attacks. Though reducing direct exposure to the Internet with NAT does reduce some risks, as long as you are on an Internet connected network, there are still many ways for attackers to reach you.

Some examples of tactics that can evade or ignore NAT include:

  • Exploiting application vulnerabilities in client/server or peer to peer software you run, such as web browsers or Skype.
  • Sending phishing emails or creating fake websites with malicious payloads or links to attacker sites.
  • Embedding “drive-by” malware in ads on otherwise legitimate sites.
  • Utilizing IPv6 (if enabled) which usually does not use NAT.
  • Carrying out attacks within VPN or GRE tunnels.

Leave a Reply

Your email address will not be published. Required fields are marked *