Security Basics mailing list archives

Re: NAT external/Public IP

From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 25 Oct 2007 13:43:26 +0200

On 2007-10-24 smarts_buy () yahoo com wrote:

Would like know is ther any security concern to bring in
external/public IP with out NAT to inside of the enterprise network.
Is it any way more secure if we use NAT?


No. NAT is a technology designed to (among other things) *enable*
communication between private and public networks. Firewalling OTOH was
designed to *restrict* communication between networks. Defining
appropriate firewall rules will secure a public IP address just as well
as a private one.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

Current thread:

Re: NAT external/Public IP, (continued)
- - - Re: NAT external/Public IP Ansgar -59cobalt- Wiechers (Oct 30)
    - RE: NAT external/Public IP Security Incidents (Oct 30)
    - Re: NAT external/Public IP crazy frog crazy frog (Oct 31)
    - RE: NAT external/Public IP Dan Lynch (Oct 31)
    - Re: NAT external/Public IP Chris Barber (Oct 25)
    - RE: NAT external/Public IP Nick Vaernhoej (Oct 25)
    - Re: NAT external/Public IP Ansgar -59cobalt- Wiechers (Oct 25)
    - Re: NAT external/Public IP Brett (Oct 25)
    - Re: NAT external/Public IP crazy frog crazy frog (Oct 25)
    - Re: NAT external/Public IP Ansgar -59cobalt- Wiechers (Oct 25)
- Re: NAT external/Public IP Ansgar -59cobalt- Wiechers (Oct 25)
- RE: NAT external/Public IP Marc Payne (Oct 25)
- Re: NAT external/Public IP gavin . williams (Oct 25)
- Re: Re: NAT external/Public IP proneetb (Oct 25)