Re: Systems behind NAT - port scanning etc.
From: Lik Mai Sak (cuddlybear101@yahoo.com)Date: 10/29/02
- Next message: Brandon Yu: "Re: gigabit NIC upgrade for PIX"
- Previous message: : "Re: Another Good Website to check out"
- In reply to: Melinda Shore: "Re: Systems behind NAT - port scanning etc."
- Next in thread: Melinda Shore: "Re: Systems behind NAT - port scanning etc."
- Reply: Melinda Shore: "Re: Systems behind NAT - port scanning etc."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Lik Mai Sak <cuddlybear101@yahoo.com> Date: Tue, 29 Oct 2002 17:34:14 +1100
Melinda Shore wrote:
> In article <PLiv9.112727$Hj7.58788@rwcrnsc53>,
> Network Tiger Teams <information@networktiger.com> wrote:
> >So maybe we're just confused over semantics...
>
> I'm not confused about anything (at least not in this
> discussion). If you have a full cone NAT with a NAT table
> entry mapping internal address 192.168.1.4.4056 to external
> address 132.236.4.6.5678, any packet arriving at
> 132.236.4.6.5678, regardless of source address, will be
> forwarded to 192.168.1.4.4056. You should spend some time
> experimenting with a bunch of different NATs - you'll see a
> range of behaviors, many of them surprising.
Depends on the features of the router/NAT device. Some only allow
connections from/to all addresses, some allow you to specify source/target
addresses.
You pretty much get what you pay for tho. As someone pointed out earlier,
NAT/SPI is a good *part* of a secure setup, but it's not the whole deal.
E.
- Next message: Brandon Yu: "Re: gigabit NIC upgrade for PIX"
- Previous message: : "Re: Another Good Website to check out"
- In reply to: Melinda Shore: "Re: Systems behind NAT - port scanning etc."
- Next in thread: Melinda Shore: "Re: Systems behind NAT - port scanning etc."
- Reply: Melinda Shore: "Re: Systems behind NAT - port scanning etc."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
