Re: Please explain port forwarding..

From: Paul H (nospam_at_nospam.com)
Date: 05/19/04 

Date: Wed, 19 May 2004 15:48:17 +0100

"Leythos" <void@nowhere.com> wrote in message
news:MPG.1b1529e9e252090b98a548@news-server.columbus.rr.com...
> In article <F_Iqc.15$kK3.6@newsfe6-win>, nospam@nospam.com says...
> > I have a NAT router with an SPI and several PCs on a peer network. I
have a
> > good understanding of networks but....
> >
> > I have never been able to get what is really happening with port
forwarding.
> > Even though I have usefully configured my router to forward ports, I
don't
> > *really* know what I am doing.
> >
> > So, If I configure my NAT router to forward port 10,000 to 192.168.0.26
on
> > my network does that mean?....
>
> Forwarding, means that the port specified that arrives inbound on the
> specified public IP address (in case you have more than one) will be
> forwarded to the specified internal IP address - no filtering, just all
> data on port X will be forwarded to that IP.
>
> So, assuming that you are using a simple NAT router on a DSL/Cable
> connection with 1 public IP address:
>
> Forwarding -
>
> IP Address PORT Enable
> 192.168.10.200 80 X
> 192.168.10.200 443 X
>
> In the above example, all inbound traffic on your Public IP address for
> ports 80/443 will be forwarded to the internal IP of 192.168.10.200.
>
> If you had more than 1 public IP and a router that handles it, you can
> create rules that allow you to specify the public ip, port, internal ip,
> port, and enable/disable.

Thanks for your reply.

So is port forwarding a security risk?

If I understand you correctly, **any** packet arriving at my routers WAN
address destined for port 10,000 will be forwarded straight on to
192.168.0.26.

So would someone scanning my network see port 10,000 as open or closed?

Or if there was a worm going around that tried to get in via port 10,000
would it get straight through to 192.168.0.26?

..still confused.. :o/

Relevant Pages

  • Re: Please explain port forwarding..
    ... > I have a NAT router with an SPI and several PCs on a peer network. ... > I have never been able to get what is really happening with port forwarding. ... assuming that you are using a simple NAT router on a DSL/Cable ...
    (alt.computer.security)
  • Re: Port forwarding and ssh
    ... >> the only problem was from my NAT router which does ... >> machine by ssh and port forwarding and i try to ssh ...
    (Fedora)
  • Re: How safe is NATing ?
    ... if the NAT router is set up to do port ... No NAT routers that I am aware of come with port forwarding turned ... Please do not send email directly to this alias. ...
    (microsoft.public.security)
  • Re: How did they get behind my NAT?
    ... Not having experience with that router, I can't be sure what limits it ... "default forwarding IP", although it is an option on many. ... I understand that exposing a port exposes any service ... Always remember - only download files from Trusted Sites. ...
    (alt.computer.security)
  • Re: How did they get behind my NAT?
    ... Not having experience with that router, I can't be sure what limits it ... "default forwarding IP", although it is an option on many. ... that listens on that port. ... Always remember - only download files from Trusted Sites. ...
    (alt.computer.security)