If the NAT box is compromised, one could easily access the internal
network.
Otherwise, if you have port forwarding configured, someone would also be
able to access in internal net. Aside from that, I'm not sure of other ways
someone could get in. There must be other ways, I too would appreciate it
if
someone could share those.
limited
> ----- Original Message -----
> From: "Jason Jaszewski" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, January 18, 2002 2:20 PM
> Subject: Security of Private Networks
>
>
> > Hello all,
> > If I have a Private network (with IPs of the 192.168.1.x flavor) and run
> > WinRoute (which utilizes NAT), or even a Cable/DSL router, what are my
> > security concerns. It is my understanding that since private networks
are
> > non-routable on the Internet, it is a "relatively" secure setup.
Assuming
> > the boxes are running Windows 2000 and there is no software such as VNC
or
> > other remote admin software, what are the security concerns to have? I
> > would assume vulnerability with email attachments, downloads, or file
> > sharing, etc. But, for the sake of argument, assume that these issues
are
> > not factors. Is there a way to get into those machines?
> > In my (thus far) limited understanding of NAT, I was informed that
because
> > NAT creates the socket, it would be difficult to connect to a box with a
> > Private IP remotely without some kind of software previously installed.
> > However, based on previous list emails about the (in)security of NAT, I
> > question this. Are there apps out there that could "trick" the NAT box
(or
> > router) into making a connection with another machine? Even without
remote
> > admin software installed, assuming the conditions above?
> > Thanks in advance for answering my curiosity.....
> >
> > Jason
> >
> >
>
