Re: NAT vs. Security

From: Herb Martin (news_at_LearnQuick.com)
Date: 04/03/04

Next message: John Bahran: "VPN"
Previous message: Scott D. Pearson: "Re: How can I change back to an offline Domain from a workgroup?"
In reply to: Scott D. Pearson: "NAT vs. Security"
Next in thread: Scott D. Pearson: "Re: NAT vs. Security"
Reply: Scott D. Pearson: "Re: NAT vs. Security"
Messages sorted by: [ date ] [ thread ]

Date: Sat, 3 Apr 2004 02:13:08 -0600

> Since the external hard drive will not be connected to a PC, that external
> hard drive will not be protected by Zone Alarm. The external hard drive
will
> only be protected by the NAT feature of the router. I have done some
reading
> on NAT (ref: http://www.homenethelp.com/web/explain/about-NAT.asp) but I
am
> still wondering if NAT alone is "enough" security for a hard drive with
> sensitive information on it?

Technically NAT offers no true security except the fact that
typically only internal requests can start a conversation, but if
this "hard drive" is going to be useful to you then obvious it
needs to be shared and accessible so in some sense it either
accepts requests or what does it do?

If it accepts requests and you arrange the NAT (port mapping
or address reservations) then it is going to be reachable and only
you can decide if that meets your security needs.

Remember too that for ordinary PCs that use NAT, it is unlikely
(to impossible) for an outside machine to mount an unsolicited
attack but the moment that PC starts making requests it MIGHT
expose itself to malicious sites -- this isn't nearly bad as something
that accepts incoming requests on arbitrary ports but it is not true
isolation or protection and there is no authentication required or
provided by the NAT (unless it is also some sort of VPN server.)

-- 
Herb Martin

Next message: John Bahran: "VPN"
Previous message: Scott D. Pearson: "Re: How can I change back to an offline Domain from a workgroup?"
In reply to: Scott D. Pearson: "NAT vs. Security"
Next in thread: Scott D. Pearson: "Re: NAT vs. Security"
Reply: Scott D. Pearson: "Re: NAT vs. Security"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: NAT vs. Security
... I have received a reply from Iomega -- the makers of the ... So with the combined protection afforded by the NAT and the required Iomega ... > accepts requests or what does it do? ...
(microsoft.public.win2000.networking)
Re: NAT vs. Security
... > external hard drive which is REQUIRED to be installed on each pc which may ... >>> only be protected by the NAT feature of the router. ... >> accepts requests or what does it do? ... >> isolation or protection and there is no authentication required or ...
(microsoft.public.win2000.networking)
Re: XP Home: selective folder sharing
... > Explaining bridges vs NAT is not easy. ... > network are visible to all other components on each network. ... > With a bridge (if Falcon-II is providing one), ... > For protection inside the NAT router, ...
(microsoft.public.windowsxp.network_web)
Re: can a hacker do this?
... It is very likely that your ADSL router at least supports NAT, ... which does provide a basic level of protection against outside attack. ... Your case is a very typical hard disk mechanical break down, ...
(comp.security.firewalls)
Re: Norton Internet Security 2005 Personal Firewall slows down Windows XP startup
... > have a router. ... that a NAT device will not protect the user from - namely the user. ... personal firewall application running on a computer can work very nicely ... they can and do offer an extra layer of protection. ...
(comp.security.firewalls)