second rule: "If you can reach them, they can reach you" (well, this is the
title
of an enlightening article. My thanks to its author).
Using NAT generally means that you don't have a fixed address reachable
from outside
(I'm talking about the kind of NAT called dynamic, NPAT, PNAT, PAT, and
other fancy names).
using that, I see (at least) 3 kinds of attacks:
-As Aaron said, people in the same environment as you can reach you.
- When you connect to the outside, you are reachable through your
connection. So if you are
not protected against someone who can steal your connection, daddy NAT can
do nothing for you.
- Last but not least, you probably receive email, surf the web, ... and
you're thus subject to all
related attacks, such as content-based attacks -viruses, malicious scripts,
..., and many more.
so, there's no where to hide, if that was ever your intent. You either
protect yourself using
an effective solution, or accept the risks...
... and eventhough you have an air conditioned car, you still need a fridge.
regards,
mouss
At 17:33 07/08/00 -0700, Aaron Schultz wrote:
>First rule: nothing is "safe"
>Everything you do can help make for a safer environment.
>
>The thing to keep in mind is that even in a NAT environment, you can have
>people inside the network who may do something wrong (or intentional) and
>open a connection up that someone from the outside could use to get in.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
