Couple of thoughts off the top of my head: 1) The router itself may have vulnerabilities - see the relatively recent incidents with the Alcatel routers, and the 3Com DSL routers, an older one with Zyxel Prestige routers, the @Home cable modem enumerations.... 2) What about if you get hit with a trojan via email? Do you have outbound traffic filtered at all? 3) Any ports mapped to the external IP from your LAN may be running vulnerable services... I'm sure there are more... Get a router with a hardware firewall - ie Linksys. --- Dee Harrod <[EMAIL PROTECTED]> wrote: > This strikes me as somewhat of a bonehead question, > but it's something that's bothered me for awhile: > > Let's say I have DSL at home. Let's also say that I > have a single public IP address, but my internal LAN > uses private addressing. The DSL router performs > some > sort of NAT or PAT (probably PAT here). All my > internal machines can reach the Internet through the > DSL router, but when they come out, the source > address > is changed to the public address. The ports are > managed by the router, so that it knows who's > talking > to whom, and can thus properly direct returning > traffic. > > Since someone from the outside accessing the router > itself would be a bad idea, say I'm blocking that. > Let's say it's managed by http, and I have a filter > rule that prohibits anything but my private network > from reaching port 80. > > Now, for all intents and purposes, how vulnerable is > my internal network? > > You can't start a connection with an internal system > because you can't reach its IP address. Even if you > did manage to hijack a session, of how much value > would it really be? > > So it seems to me that if you use NAT/PAT, you don't > need a real firewall unless you're actually > permitting > some kind of traffic to connect to something from > the > outside. > > Is that right? > > -- Dee > > __________________________________________________ > Do You Yahoo!? > Yahoo! GeoCities - quick and easy web site hosting, > just $8.95/month. > http://geocities.yahoo.com/ps/info1
__________________________________________________ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1
