Nothing (except a good spanking -:)) can help in such case. We are not talking about static NAT and inbound connections. I told about dynamic PNAT _only_.
> > Once upon a time, Alexei Roudnev <[EMAIL PROTECTED]> said: > > Any simple NAT (PNAT, to be correct) box decrease a chance of infection by > > last worms to 0. Just 0.0000%. > > The problem is that Joe User (or his kid) wants to run some random P2P > program without having to reconfigure NAT port mappings, so they have > all inbound connections mapped to a static internal IP. When the worms > come knocking, the connections go right through and the static IP system > gets infected, which then infects the Mom's computer, etc.; then you > have 2+ times as much worm traffic sourced from that single public IP > because there are multiple computers scanning. > > NAT does help if you just put necessary port mappings in place (and only > for "secure" protocols). > -- > Chris Adams <[EMAIL PROTECTED]> > Systems and Network Administrator - HiWAAY Internet Services > I don't speak for anybody but myself - that's enough trouble.
