I decided to look this up as I was curious also.  I do not claim to be an
expert in this field.  I have been told by router makers that NAT or
PAT (depending on the router you are using) is one of the most secure
firewalls there are as long as no ports are mapped.

Spoofing is the technique of claiming you have the IP address of someone
else in order to intercept packets destined for the other machine.  Now most
of us use private IP addresses on the internal network.  Private addresses
(such as 10.x.x.x or 192.168.x.x) are not supposed to be routable on the
Internet.

Yes I could spoof an internal address, but how does that help the intruder?
The only address that can be reached via the Internet is the external
address of the STN box. He has no way to make the STN box send internal
traffic to himself unless he has access to the web interface of STN.  If you
have the web interface turned off to the Internet, where is his route of
intrusion?  Also there are limits as to what STN can be programmed or
reprogrammed to do as it doesn't have many services loaded.

Now if you have inbound services mapped to internal machines, I could
imagine that an intruder could ride that mapped service to the internal
machine and do some damage depending on the ports mapped and how secure that
internal machine was.  But that is also true about the $800 "firewall"
machine.  Map ports to the inside and you can be toasted.

And I think the real answer to your question is 'none'!

Lyle

-----Original Message-----
From: Richard G. Samuels [mailto:[EMAIL PROTECTED]]
Sent: Sunday, August 06, 2000 6:22 PM
To: [EMAIL PROTECTED]
Subject: Re: [ShareTheNet] Woo Woo! Good Stuff about STN


I had a customer buy an $800 "firewall" box based on the salesman's
representation that NAT devices like STN are not secure because an
intruder can spoof an internal IP address. I asked him if he knew the
difference between a used car salesman and a computer salesman. (There
are two answers: 1. The used car salesman knows when he's lying. 2.
About 2 weeks.). 

Is there any conceivable way this could be done?

john burton wrote:
> 
> I posted my results of 'nmap' some time back.  Showed 25 (smtp) 80 (http)
> and 53 (nameserver) open here; all of which were expected.
> 
> STN does do well as a firewall!
> 
>                                 --==jb==--
> 
> --
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> john burton
> Midwest City, Oklahoma
> 
> -----Original Message-----
> From:   Gavin Delaney [SMTP:[EMAIL PROTECTED]]
> Sent:   Sunday, August 06, 2000 13:47
> To:     [EMAIL PROTECTED]
> Subject:        [ShareTheNet]  Woo Woo! Good Stuff about STN
> 
> A friend of mine who works as a "Security Consultant" and programmer for
> a local e-company decided to try to have some fun with me and ran a few
> of his testing proggies like nessus on me. He was *very* surprised that
> I seemed nearly impregnable!!!
> 
> Let's hear it for STN! :)
> 
> Gavin Delaney
> 
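Added example, not part of the original thread and not ShareTheNet's code: a toy model of the inbound decision a NAT/PAT box makes, showing why a packet with a spoofed internal source address goes nowhere unless a session or a port mapping already exists. The class name, addresses and ports are constructed, and the per-remote session matching is an assumption about how the box filters.

```python
import ipaddress
from dataclasses import dataclass, field

WAN_IP = "203.0.113.5"  # constructed external address of the NAT box
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

@dataclass
class PatBox:  # hypothetical model, not STN's implementation
    antispoof: bool = True                        # drop private sources seen on WAN
    mapped: dict = field(default_factory=dict)    # wan_port -> (lan_ip, lan_port)
    sessions: dict = field(default_factory=dict)  # (wan_port, remote) -> (lan_ip, lan_port)
    next_port: int = 40000

    def outbound(self, lan_ip, lan_port, remote):
        """A LAN host opens a connection: allocate a WAN port and record state."""
        wan_port, self.next_port = self.next_port, self.next_port + 1
        self.sessions[(wan_port, remote)] = (lan_ip, lan_port)
        return wan_port

    def inbound(self, src, dst_ip, dst_port):
        """Verdict for a packet arriving on the WAN interface."""
        src_ip = ipaddress.ip_address(src[0])
        if self.antispoof and any(src_ip in net for net in RFC1918):
            return "drop: private source address on WAN side", None
        if dst_ip != WAN_IP:
            return "drop: not addressed to the external address", None
        if (dst_port, src) in self.sessions:
            return "forward: reply to LAN-initiated session", self.sessions[(dst_port, src)]
        if dst_port in self.mapped:
            return "forward: static port mapping", self.mapped[dst_port]
        return "drop: no session and no mapping", None

def demo():
    box = PatBox(antispoof=False)  # rely on translation state alone
    server = ("198.51.100.7", 80)
    wan_port = box.outbound("192.168.1.10", 51000, server)
    results = {
        "reply": box.inbound(server, WAN_IP, wan_port),
        "unsolicited": box.inbound(("198.51.100.99", 4444), WAN_IP, 139),
        "spoofed_internal": box.inbound(("192.168.1.10", 4444), WAN_IP, wan_port),
    }
    box.mapped[25] = ("192.168.1.20", 25)  # an inbound service mapped to a LAN host
    results["mapped"] = box.inbound(("198.51.100.99", 4444), WAN_IP, 25)
    return results
```

Only the "mapped" case reaches a LAN machine from an unsolicited packet, which is the exposure described for mapped inbound services.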