Our IT services firm is proposing a network reconfiguration to use the IP range 10.10.150.1 – 10.10.150.254 internally as they state the current IP scheme using manufacturer defaults of 192.168.1.x is "making it to easy to exploit".
Is this true? How does knowing / not knowing the internal IP scheme make a network more exploitable? All internal systems are behind a SonicWall NAT and firewall router.
Best Answer
This will add at best a very thin layer of "security by obscurity", as 192.168.x.y is a way more commonly used network address for private networks, but in order to use the internal addresses, bad boys have to be already inside your network, and only the most stupid attack tools will be fooled by the "non standard" address scheme.
It cost nearly nothing to implement this, and it offers nearly nothing in return.