[Dshield] NAT: Secure?

Alan Frayer afrayer at frayernet.com
Wed Aug 27 15:51:11 GMT 2003


That's the way I understand it, too, and while it SOUNDS good that the
intruder needs to know the real destination, we've seen many ways around
this. I'm wondering if NAT is enough for the home network any longer.

On Wed, 2003-08-27 at 09:37, Neil G. Lovering wrote:
> NAT provides a whole lot more security then, say, connecting a PC
> directly to a cable modem.  With NAT, you can have multiple devices use
> the same public IP address.  Someone on the outside would have to know
> the public IP address and port used to get back to the initial machine.
> 
> Now, with that said, NAT is certainly not the final straw for security.
> It's just a start.  NAT is only one tool that a firewall can use to
> protect those on the inside.  However, a true firewall will also look
> deeper into the packets coming through.  A simple NAT device would not
> normally do this.
> 
> Hope this helps.
> 
> Neil
> 


________________________________________________________________________
Alan Frayer,CNE,CNI,CIW CI,MCP,Net+ - afrayer at frayernet.com
Seeking an IT Mgmt/Network Admin position in the Tampa Bay Region
If you would like to discuss an opportunity with me, please e-mail.





More information about the list mailing list