Gerardo Gregory writes on 11/24/2003 4:20 PM:
NAT is not a security feature, neither does it provide any real security, just one to one translations. PAT fall into the same
It is not a cure all and I never said it was one. It cuts the risk down a little, is all.
Most broadband providers still perform a NAT translation downstream, is it helping alleviate any of the attacks/compromises? NOT!!!!!
A lot of it is because of infected hosts in a subnet searching around for open windows shares on IPs around it.
I know Microsoft has a product that allows you to donwload patches to a centralized server (within your infrastructure) and let's you patch your internal systems from it. Heard our MS admins talking about it a while back....
Sounds like a good thing to have around.
-- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 manager, outblaze.com security and antispam operations
