[Dshield] NAT: Secure?

Micheal Patterson micheal at cancercare.net
Wed Aug 27 14:04:21 GMT 2003

----- Original Message ----- 
From: "Alan Frayer" <afrayer at frayernet.com>
To: <list at dshield.org>
Sent: Wednesday, August 27, 2003 7:49 AM
Subject: [Dshield] NAT: Secure?

> Please pardon the basic question, but I'm filling holes in my
> understanding of firewalls, and figure this is a good place to do so.
> How secure is NAT? One sees advertised dozens of inexpensive broadband
> routers with simple NAT firewalls (which isn't really a firewall, I
> know; the firewall is a side effect of the purpose of NAT), and I wonder
> if the public isn't being taken by depending on these devices.
> ________________________________________________________________________
> Alan Frayer,CNE,CNI,CIW CI,MCP,Net+ - afrayer at frayernet.com
> Seeking an IT Mgmt/Network Admin position in the Tampa Bay Region
> If you would like to discuss an opportunity with me, please e-mail.

Provided that there are no static nat entries pointing back to internal
hosts / ports, then I'd say it is one of the most secure methods of internet
connectivity. NAT is pretty much a one way door with outbound traffic
leaving, for a short time, an opening allowing a response from the contacted
remote host and port combination and only from that host/port combination.


Micheal Patterson
TSG Network Administration

Confidentiality Notice:  This e-mail message, including any attachments, is
for the sole use of the intended recipient(s) and may contain confidential
and privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original

More information about the list mailing list