Re: NAT vs. Security
From: Herb Martin (news_at_LearnQuick.com)
Date: 04/04/04
- Next message: Herb Martin: "Re: Can Ping the router but notmyself ..."
- Previous message: Yaketyak: "Re: Windows Hangs"
- In reply to: Scott D. Pearson: "Re: NAT vs. Security"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 3 Apr 2004 19:18:54 -0600
"Scott D. Pearson" <scott.pearson@PearsonCTS.com> wrote in message
news:61Ebc.35996$o_.13319@fe1.texas.rr.com...
> Herb -- Thanks for the reply.
>
> In the meantime, I have received a reply from Iomega -- the makers of the
> network drive in question. Long story short, they ship software with the
> external hard drive which is REQUIRED to be installed on each pc which may
> want to access the drive. And that software permits the drive to be
accessed
> by only one user at a time. So it turns out that not only is the drive
> protected behind the NAT, it is also "protected" by the special Iomega
> software required to access it.
Makes sense, but could the "one user" be a hacker?
Even if they didn't get access completely, could that
constitutes a Denial of Service attack? Would you
care?
> So with the combined protection afforded by the NAT and the required
Iomega
> software, the network drive should be plenty secure directly connected to
a
> router.
>
> BTW: This drive is 120GB for $200 and can be connected directly to the
> router via ethernet (my option), directly to a PC via USB, or directly to
a
> PC via ethernet cross-over cable. That's why I am choosing this particular
> external drive. I like the ethernet connectivity without giving up the USB
> option. No Firewire, but USB 2.0 is just as fast as Firewire so no big
deal.
I would just as soon stick a drive in one of my existing servers
for less money or more space and better performance but that
isn't what you asked about.
-- Herb Martin > > > > "Herb Martin" <news@LearnQuick.com> wrote in message > news:OgIjBOVGEHA.2612@TK2MSFTNGP09.phx.gbl... > > > Since the external hard drive will not be connected to a PC, that > external > > > hard drive will not be protected by Zone Alarm. The external hard drive > > will > > > only be protected by the NAT feature of the router. I have done some > > reading > > > on NAT (ref: http://www.homenethelp.com/web/explain/about-NAT.asp) but I > > am > > > still wondering if NAT alone is "enough" security for a hard drive with > > > sensitive information on it? > > > > Technically NAT offers no true security except the fact that > > typically only internal requests can start a conversation, but if > > this "hard drive" is going to be useful to you then obvious it > > needs to be shared and accessible so in some sense it either > > accepts requests or what does it do? > > > > If it accepts requests and you arrange the NAT (port mapping > > or address reservations) then it is going to be reachable and only > > you can decide if that meets your security needs. > > > > Remember too that for ordinary PCs that use NAT, it is unlikely > > (to impossible) for an outside machine to mount an unsolicited > > attack but the moment that PC starts making requests it MIGHT > > expose itself to malicious sites -- this isn't nearly bad as something > > that accepts incoming requests on arbitrary ports but it is not true > > isolation or protection and there is no authentication required or > > provided by the NAT (unless it is also some sort of VPN server.) > > > > -- > > Herb Martin > > > > > >
- Next message: Herb Martin: "Re: Can Ping the router but notmyself ..."
- Previous message: Yaketyak: "Re: Windows Hangs"
- In reply to: Scott D. Pearson: "Re: NAT vs. Security"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
