Re: NAT external/Public IP



PCI Compliance does not equal a secure network. But it brings you
closer than not being compliant.

Chris.


On 10/25/07, Jason Alexander <jalexander@xxxxxxxx> wrote:
If its not a security risk then why is it a PCI requirement?

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Ansgar -59cobalt- Wiechers
Sent: 25 October 2007 15:49
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: NAT external/Public IP

On 2007-10-25 crazy frog crazy frog wrote:
On 24 Oct 2007 15:46:21 -0000, smarts_buy@xxxxxxxxx wrote:
Would like know is ther any security concern to bring in
external/public IP with out NAT to inside of the enterprise network.
Is it any way more secure if we use NAT?
[...]
2)If you allow lots of machine to direct access the internet with
external ip they may pose a security risk.

How would that pose a risk that would not exist with NAT'ed machines?

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches becoming available."
--Jason Coombs on Bugtraq





Relevant Pages

  • Re: [fw-wiz] PIX 520 - control traffic between DMZ and inside devices
    ... > port/machine access from DMZ to inside. ... > NAT the same IP address inside and DMZ. ... traffic is blocked from less secure to more secure interface unless ... ip address on a less secure network are directly visible from a more ...
    (Firewall-Wizards)
  • Re: NAT external/Public IP
    ... On 2007-10-25 crazy frog crazy frog wrote: ... Is it any way more secure if we use NAT? ... external ip they may pose a security risk. ... How would that pose a risk that would not exist with NAT'ed machines? ...
    (Security-Basics)
  • RE: NAT external/Public IP
    ... If its not a security risk then why is it a PCI requirement? ... Subject: NAT external/Public IP ... On 2007-10-25 crazy frog crazy frog wrote: ... How would that pose a risk that would not exist with NAT'ed machines? ...
    (Security-Basics)
  • RE: NAT external/Public IP
    ... Subject: NAT external/Public IP ... On 2007-10-25 crazy frog crazy frog wrote: ... external ip they may pose a security risk. ... How would that pose a risk that would not exist with NAT'ed machines? ...
    (Security-Basics)