maybe I should have said Stateful inspection.. IE inspection of SMTP whereas it limits the commands that are allowed and makes protocol adjustments.
thanks, J > -----Original Message----- > From: E.B. Dreger [mailto:[EMAIL PROTECTED] > Sent: Sunday, March 30, 2003 5:11 PM > To: [EMAIL PROTECTED] > Subject: RE: State Super-DMCA Too True > > > > JM> Date: Sun, 30 Mar 2003 10:34:28 -0500 > JM> From: "McBurnett, Jim" > > > JM> NAT-- HMMM - In my eyes that is a security precaution for the > JM> ignorant.. Think of this: Joe user goes to Wally World, or > JM> Staples and get's a Linksys BEFSR11 cable/dsl router. He adds > JM> NAT, and walla, his computer is no longer wide open to the > JM> world... Albeit not a stateful firewall, it is much more > > Actually, it _is_ stateful. It tracks state so it knows what > inbound traffic is directed to what IP:port on the inside, or > dropped if no match is found. > > Run 1:1 NAT and see how secure that is. Run a "public" IP > address with stateful rules that drop inbound traffic unless > outbound traffic happened "recently". Compare. > > NAT's "security" is a by-product of state that is necessary to > achieve 1:N mapping. > > > Eddy > -- > Brotsman & Dreger, Inc. - EverQuick Internet Division > Bandwidth, consulting, e-commerce, hosting, and network building > Phone: +1 (785) 865-5885 Lawrence and [inter]national > Phone: +1 (316) 794-8922 Wichita > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) > From: A Trap <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Please ignore this portion of my mail signature. > > These last few lines are a trap for address-harvesting spambots. > Do NOT send mail to <[EMAIL PROTECTED]>, or you are likely to > be blocked. > >