Re: ISPs can easily decrease net abuse

From: Walter Roberson (roberson_at_ibd.nrc-cnrc.gc.ca)
Date: 12/02/03

• Next message: JF Mezei: "Re: ISPs can easily decrease net abuse"
• Previous message: Walter Roberson: "Re: ISPs can easily decrease net abuse"
• In reply to:(deleted message) Leythos: "Re: ISPs can easily decrease net abuse"
• Next in thread: Leythos: "Re: ISPs can easily decrease net abuse"
• Reply: Barry Margolin: "Re: ISPs can easily decrease net abuse"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 2 Dec 2003 04:08:16 GMT

In article <MPG.1a3584e54aa22f3e989eab@news-server.columbus.rr.com>,
Leythos <void@nowhere.com> wrote:
:And the intent, if you had followed the start, what the NAT with no
:forwarding would be used. Why would I post about how it could protect if
:the intent was to forward all ports?

We aren't mind-readers, Leythos, to know about your *intent*.
The words you actually -wrote- had no indication in them that
you understood about issues such as port forwarding or persistant
translations.

What you wrote was,

"Actually, if ISP's required users to install a router with NAT it would
eliminate most of it. The hacks and worms could not infect new machines
protected by NAT."

which simply is not true. There is nothing in any official definition
of 'NAT' that talks about duration of translations or restricting
translations to be usable to only returning traffic, and seeing as
Cisco has a patent on its "Adaptive Security Algorithm", many NAT
implimentations are overly generous on leaving open port translations...
leaving windows during which hacks and worms *will* be able to infect
new machines that are active on the 'net.

-- 
   I wrote a hack in microcode,
   with a goto on each line,
   it runs as fast as Superman,
   but not quite every time!                 -- Dave Touretzky and Don Libes

---

• Next message: JF Mezei: "Re: ISPs can easily decrease net abuse"
• Previous message: Walter Roberson: "Re: ISPs can easily decrease net abuse"
• In reply to:(deleted message) Leythos: "Re: ISPs can easily decrease net abuse"
• Next in thread: Leythos: "Re: ISPs can easily decrease net abuse"
• Reply: Barry Margolin: "Re: ISPs can easily decrease net abuse"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Repost: Nats farewell ... To refute the Kook's false allegations that Nat was "run off." ... hotmail account is closed because of the use of it by ... Backchannelling is not the intent, the intent is to keep up ... of course you too are in my prayers. ... (alt.support.chronic-pain) Re: ISPs can easily decrease net abuse ... >:And the intent, if you had followed the start, what the NAT with no ... > you understood about issues such as port forwarding or persistant ... (comp.security.misc) Re: ISPs can easily decrease net abuse ... >:And the intent, if you had followed the start, what the NAT with no ... > you understood about issues such as port forwarding or persistant ... Why would I post in this thread about using NAT if I wanted someone to ... > of 'NAT' that talks about duration of translations or restricting ... (comp.security.misc) Re: ISPs can easily decrease net abuse ... The hacks and worms could not infect new machines ... >:protected by NAT. ... And the intent, if you had followed the start, what the NAT with no ... Why would I post about how it could protect if ... (comp.security.misc) Re: Static Translations Disappearing ... this router and see if they have the same behavior. ... you are running into a NAT bug. ... It wouldn't hurt to change IOS and ... ....where it just shows all translations being dynamic (0 static, ... (comp.dcom.sys.cisco)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.misc  > 2003-12