[mdlug-discuss] NAT != security, right?
Aaron Kulkis
akulkis00 at gmail.com
Wed Oct 13 13:46:58 EDT 2010
Ingles, Raymond wrote:
> NAT offers a *limited* amount of security. Roughly like a screen door.
>
> If a machine from inside the NAT is communicating with a machine outside
> the NAT, it can potentially be subverted. And in that case, it can then
> attack all the *other* machines inside the NAT.
>
> Basically, NAT doesn't offer any more security than a stateful firewall.
> And you'd want a stateful firewall anyway if you're worried about
> security.
If NAT provided good security, quite a few secret-clearance
networks in Iraq and other operational theaters wouldn't have
come down with virus outbreaks.
DOD finally came to the realization that NATting is proving no
effective protection, and mandated that all file servers NOT be
run on Windows.
>
> Sincerely,
>
> Ray Ingles (313)
> 227-2317
>
> "Reality is that which, when you stop believing in it, doesn't go
> away."
> -- Philip K. Dick
More information about the mdlug-discuss
mailing list