Security Basics mailing list archives

RE: NAT external/Public IP

From: Jason Alexander <jalexander () plus net>
Date: Thu, 25 Oct 2007 16:28:13 +0100

 If its not a security risk then why is it a PCI requirement?

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ansgar -59cobalt- Wiechers
Sent: 25 October 2007 15:49
To: security-basics () securityfocus com
Subject: Re: NAT external/Public IP

On 2007-10-25 crazy frog crazy frog wrote:

On 24 Oct 2007 15:46:21 -0000, smarts_buy () yahoo com wrote:

Would like know is ther any security concern to bring in 
external/public IP with out NAT to inside of the enterprise network.
Is it any way more secure if we use NAT?

[...]

2)If you allow lots of machine to direct access the internet with 
external ip they may pose a security risk.


How would that pose a risk that would not exist with NAT'ed machines?

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches becoming available."
--Jason Coombs on Bugtraq

Current thread:

NAT external/Public IP smarts_buy (Oct 24)
- Re: NAT external/Public IP crazy frog crazy frog (Oct 25)
  - Re: NAT external/Public IP Ansgar -59cobalt- Wiechers (Oct 25)
    - RE: NAT external/Public IP Jason Alexander (Oct 25)
    - RE: NAT external/Public IP Eric Furman (Oct 25)
    - RE: NAT external/Public IP Jason Alexander (Oct 26)
    - RE: NAT external/Public IP Grant Donald (Oct 29)
    - Re: NAT external/Public IP Ansgar -59cobalt- Wiechers (Oct 29)
    - Re: NAT external/Public IP Michael Painter (Oct 30)
    - RE: NAT external/Public IP Grant Donald (Oct 30)
    - Re: NAT external/Public IP Ansgar -59cobalt- Wiechers (Oct 30)
    - RE: NAT external/Public IP Security Incidents (Oct 30)
    - Re: NAT external/Public IP crazy frog crazy frog (Oct 31)
    - RE: NAT external/Public IP Dan Lynch (Oct 31)

(Thread continues...)