There is a key difference between physical and cyber worlds.

In physical world, addresses for non-military areas are public. You have to label your apartment properly so that mail from postage service or goods from courier will not miss the destination. Major map service providers have the information online for public accessibility.

In cyber world, IP address is sensitive information and securely protected in document, electronic information transfer. This is because if threat actor has landed in the internal network, the first thing is to conduct reconnaissance in understanding what are network nodes present, then trying to reveal its OS footprint in deciding what could be exploited.

If IP address (and even worst with the host information, like in network diagram) are disclosed, it will save threat actor substantial amount of work in the discovery phase.

However, whatever protections are imposed, it is just a matter of making the penetrating more difficult. There are always new threats, vulnerable OS, vulnerable software affecting your organization and never expected 100% secure in the cyber world. We have to aimed at sufficient resilience for speedy business operation recovery.

Leave a Reply