Message-ID: <D54AB2ADB72C164B8251422DE1D3234222AD4A@srv900045>
From: svgn at orbid.be (Serge van Ginderachter (svgn))
Subject: Learn from history?

> From: Andrew Simmons
> > do you have any idea how many small businesses have just a NAT router
> > instead of a real firewall?
>
> in what way is a nat box *not* a stateful firewall?

First, I don't believe I said they weren't. Depends on which 'box' we're
talking. Some simple SMC or USRobotics router vs. e.g. IPCop etc.

Secondly, that was not the problem I was referring to. The problem with what
I understood by a NAT box, is the fact they generally do not allow outbound
filtering, meaning a hacker who made a first step inside, has all ports open
to backfire command shell, download some hack tools etc.

Simple example: a cracker sends you a mail with an url you should click. The
url is not 'http://server/' but \\server\share, which you might not notice.
With such a simple trick he can have a netbios session and read out a whole
lot of information about your system. Now with outbound filtering that could
be stopped. Which is definitely not possible with a simple NAT box.

Everyone knows NETBIOS must be blocked incoming. Now I hope you understand
why it should be blocked outgoing also.


Serge
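
An added example, not part of the original message: an nftables ruleset for a Linux gateway that applies the outbound filtering described above, logging and dropping NetBIOS/SMB leaving the LAN and denying other egress by default. The interface names `lan0` and `wan0`, the table and set names, and the list of allowed services are assumptions; NAT is assumed to be configured separately.

```nftables
#!/usr/sbin/nft -f
# Constructed example. Assumed names: lan0 (inside), wan0 (Internet side).

table inet egress {
    # Outbound TCP services the LAN may reach (assumed list; adjust per site)
    set allowed_tcp {
        type inet_service
        elements = { 25, 80, 110, 443 }
    }

    chain forward {
        type filter hook forward priority 0; policy drop;

        # Replies to connections that were already permitted
        ct state established,related accept

        # NetBIOS name (137/udp), datagram (138/udp), session (139/tcp) and
        # direct-hosted SMB (445/tcp): log and drop, so a \\server\share
        # link cannot open a session to a host outside the LAN
        iifname "lan0" oifname "wan0" udp dport { 137, 138 } log prefix "egress-netbios: " drop
        iifname "lan0" oifname "wan0" tcp dport { 139, 445 } log prefix "egress-smb: " drop

        # DNS, then the allowlisted TCP services
        iifname "lan0" oifname "wan0" udp dport 53 accept
        iifname "lan0" oifname "wan0" tcp dport 53 accept
        iifname "lan0" oifname "wan0" tcp dport @allowed_tcp ct state new accept

        # Anything else leaving the LAN is logged, then hits the policy drop
        iifname "lan0" oifname "wan0" log prefix "egress-denied: "
    }
}
```

The `egress-netbios:` and `egress-smb:` log prefixes give a direct signal that an inside host tried to reach an outside file share, which is worth alerting on.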

