This is one reason why router/gateway vendors touting NAT as "a
natural firewall" is EVIL.
[It appears that recently some vendors may have been touting static
NAT (providing access through NAT to servers) as "effectively a DMZ".
Grrr....]
> Some "security experts" claim that NAT could be used as a firewall
> (or let's say, some means of hiding the internal network).
Well, it does make it essentially impossible for an outsider to
scan the internal network, or contact internal machines that do not
currently have an outbound session in the NAT map. That the value of
this is sometimes overstated doesn't mean that it has none.
David Gillett
On 30 May 2001, at 13:14, Steve Riley (MCS) wrote:
> Some "security experts" claim that NAT could be used as a firewall (or
> let's say, some means of hiding the internal network). I have a question
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
