Re: NAT is not a mechanism for securing a network.. but.. HELP!

From: CyberDroog (CyberDroog_at_ClockworkOrange.com)
Date: 08/28/05


Date: Sun, 28 Aug 2005 18:42:30 GMT

On 28 Aug 2005 01:24:12 +0200, Volker Birk <bumens@dingens.org> wrote:

>CyberDroog <CyberDroog@clockworkorange.com> wrote:
>> As I said, since there is no legal definition of the term firewall (as
>> there is for, say, a hamburger in the U.S.) the word will obviously be used
>> to refer to the process of limiting access in one way or another.
>
>There are standards:
>
>A "firewall" is an agent which screens network traffic in some way,
>blocking traffic it believes to be inappropriate, dangerous, or both.
>(RFC 2979, Behavior of and Requirements for Internet Firewalls)
>
>A NAT router with filtering capabilities is a firewall following this
>definition.

That was my point. The side effect of NAT is packets not being routed if
there is nowhere to which to route them. The filtering may be minimal, but
it provides some degree of protection. Enough for the home users to which
the devices are marketed.

-- 
REPORTER, n. A writer who guesses his way to the truth and dispels it
with a tempest of words.
  - Ambrose Bierce