> From: Andrew Simmons
>
> > do you have any idea how many small businesses have just a NAT router
> > instead of a real firewall?
>
> in what way is a nat box *not* a stateful firewall?

First, I don't believe I said they weren't. Depends on which 'box' we're talking about. Some simple SMC or USRobotics router vs. e.g. IPCop etc.

Secondly, that was not the problem I was referring to. The problem with what I understood by a NAT box is the fact that they generally do not allow outbound filtering, meaning a hacker who has made a first step inside has all ports open to backfire a command shell, download some hack tools, etc.

Simple example: a cracker sends you a mail with a URL you should click. The URL is not 'http://server/' but \\server\share, which you might not notice. With such a simple trick he can have a NetBIOS session and read out a whole lot of information about your system.

Now with outbound filtering that could be stopped, which is definitely not possible with a simple NAT box.

Everyone knows NETBIOS must be blocked incoming. Now I hope you understand why it should be blocked outgoing also.

Serge

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
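
An added example, not part of the original post: a check a defender could run over connection logs to find internal hosts whose NetBIOS/SMB traffic was allowed out to external addresses, which is the gap the message describes for a NAT box without outbound filtering. The key=value log format, the sample lines, the RFC 1918 definition of "inside" and the inclusion of 445/tcp are assumptions made for this example.

```python
import ipaddress

# RFC 1918 ranges treated as "inside" (assumption for this example).
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# NetBIOS name, datagram and session services; 445/tcp (SMB without NetBIOS)
# is added here and is not mentioned in the post.
NETBIOS_PORTS = {("udp", 137), ("udp", 138), ("tcp", 139), ("tcp", 445)}

# Constructed log lines in a hypothetical key=value format.
SAMPLE_LOG = """\
2024-01-01T09:14:02 proto=tcp src=192.168.1.23 dst=192.168.1.5 dport=139 action=allow
2024-01-01T09:14:07 proto=tcp src=192.168.1.23 dst=203.0.113.77 dport=139 action=allow
2024-01-01T09:14:09 proto=tcp src=192.168.1.23 dst=198.51.100.4 dport=80 action=allow
2024-01-01T09:15:30 proto=udp src=192.168.1.40 dst=203.0.113.77 dport=137 action=allow
2024-01-01T09:16:00 proto=tcp src=192.168.1.40 dst=203.0.113.9 dport=445 action=drop
malformed line without fields
"""

def is_internal(addr):
    return any(addr in net for net in INTERNAL)

def parse_line(line):
    """Return the line's fields as a dict, or None if it is unusable."""
    fields = dict(tok.split("=", 1) for tok in line.split()[1:] if "=" in tok)
    if not {"proto", "src", "dst", "dport", "action"} <= fields.keys():
        return None
    try:
        fields["src"] = ipaddress.ip_address(fields["src"])
        fields["dst"] = ipaddress.ip_address(fields["dst"])
        fields["dport"] = int(fields["dport"])
    except ValueError:
        return None
    return fields

def outbound_netbios(log_text):
    """List allowed inside-to-outside flows on NetBIOS/SMB ports."""
    hits = []
    for line in log_text.splitlines():
        f = parse_line(line)
        if f is None or f["action"] != "allow":
            continue  # unparseable, or already stopped by an egress rule
        if (is_internal(f["src"]) and not is_internal(f["dst"])
                and (f["proto"], f["dport"]) in NETBIOS_PORTS):
            hits.append((str(f["src"]), str(f["dst"]), f["proto"], f["dport"]))
    return hits

if __name__ == "__main__":
    for hit in outbound_netbios(SAMPLE_LOG):
        print("outbound NetBIOS/SMB allowed:", hit)
```

Internal-to-internal sessions and flows the firewall already dropped are not reported, so any hit points at a missing egress rule.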
