At 07:33 PM -0600 12/04/2004, Rad Craig wrote:
Using NAT gives your computer a 'private' address that only the inside of the router (your 'local' (inside your home) network) knows. It shows a different address, the one from the phone company, to the rest of the world as it's taken and controlled/protected by the router and not your computer. The router will have a built-in firewall for more protection.
The firewall in a typical consumer NAT Router is minimalistic, at best. It operates at a low level ip:port association, so it's good for blocking inbound probes (worms). But it does not do outbound blocking or any of the in/out-bound application-level filtering that full firewalls do.
This way, no one can determine what ip address your computer is actually running. They can see the outside of the router, the 'public' ip address, from your phone company, only.
That is simply not true. There are many ways you can sniff out the private LAN addresses. Directly, by sniffing http and ftp, and often simply by checking email Received headers.
Your *point* (that I agree with) is that the NAT Router maintains two different networks - the public WAN side and the private LAN side with a basic firewall between them. That separation provides an easy-to-use/implement 1st level of security.
FWIW, - Dan.
-- G-List is sponsored by <http://lowendmac.com/> and...
Small Dog Electronics http://www.smalldog.com | Refurbished Drives | -- We have Apple Refurbished Monitors in stock! | & CDRWs on Sale! |
Support Low End Mac <http://lowendmac.com/lists/support.html>
G-List list info: <http://lowendmac.com/lists/g-list.shtml> --> AOL users, remove "mailto:"; Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive: <http://www.mail-archive.com/g-list%40mail.maclaunch.com/>
Using a Mac? Free email & more at Applelinks! http://www.applelinks.com
