Re: NAT is not a mechanism for securing a network.. but.. HELP!

From: CyberDroog (CyberDroog_at_ClockworkOrange.com)
Date: 08/28/05

• Next message: Jack: "Help with AtGuard"
• Previous message: Volker Birk: "Re: Sygate ??"
• In reply to: Volker Birk: "Re: NAT is not a mechanism for securing a network.. but.. HELP!"
• Next in thread: Duane Arnold: "Re: NAT is not a mechanism for securing a network.. but.. HELP!"
• Reply: Duane Arnold: "Re: NAT is not a mechanism for securing a network.. but.. HELP!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sun, 28 Aug 2005 18:42:30 GMT

On 28 Aug 2005 01:24:12 +0200, Volker Birk <bumens@dingens.org> wrote:

>CyberDroog <CyberDroog@clockworkorange.com> wrote:
>> As I said, since there is no legal definition of the term firewall (as
>> there is for, say, a hamburger in the U.S.) the word will obviously be used
>> to refer to the process of limiting access in one way or another.
>
>There are standards:
>
>A "firewall" is an agent which screens network traffic in some way,
>blocking traffic it believes to be inappropriate, dangerous, or both.
>(RFC 2979, Behavior of and Requirements for Internet Firewalls)
>
>A NAT router with filtering capabilities is a firewall following this
>definition.

That was my point. The side effect of NAT is packets not being routed if
there is nowhere to which to route them. The filtering may be minimal, but
it provides some degree of protection. Enough for the home users to which
the devices are marketed.

-- 
REPORTER, n. A writer who guesses his way to the truth and dispels it
with a tempest of words.
  - Ambrose Bierce

---

• Next message: Jack: "Help with AtGuard"
• Previous message: Volker Birk: "Re: Sygate ??"
• In reply to: Volker Birk: "Re: NAT is not a mechanism for securing a network.. but.. HELP!"
• Next in thread: Duane Arnold: "Re: NAT is not a mechanism for securing a network.. but.. HELP!"
• Reply: Duane Arnold: "Re: NAT is not a mechanism for securing a network.. but.. HELP!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Is there a risk with firewalls? ... It appears that a NAT router is the safest way to protect my or any PC from ... Is a firewall such as Zone Alarm still needed even if one has a NAT ... Finally you say that a firewall needs two network interface cards one ... Internet and the network it's protecting the LAN. ... (comp.security.firewalls) Re: 56k dial up on laptop 802.11G ? ... >>> The Linksys WRT54G series of wireless routers all have firewall ... >>No NAT router is running FW software in the traditional sense. ... > Linux firewall is not a firewall... ... Linksys router is running FW software or a NAT router for home usage is ... (alt.internet.wireless) Re: 56k dial up on laptop 802.11G ? ... >>> needed for a firewall. ... No NAT router is running FW software in the traditional sense. ... A firewall examines all traffic routed between the two networks to see if it ... Firewalls can also filter specific types of network traffic. ... (alt.internet.wireless) Re: CISCO Vs Watchguard ... >> it appears to be a simple NAT ROUTER not a firewall. ... standard NAT based router that uses SPI - so it's much like a Linksys ... SPI on any product does all this. ... Considering that the standard Linksys NAT Router with SPI (their ... (comp.security.firewalls) Re: Linksys Firmware Upgrade Available ... A router does not block outgoing packets. ... an NAT router will not stop it. ... With a firewall, you can block programs, ports and protocols. ... You have a linksys one of these linksys ... (comp.security.firewalls)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.firewalls  > 2005-08