Security Basics mailing list archives

RE: NAT external/Public IP

From: "Eric Furman" <ericfurman () fastmail net>
Date: Thu, 25 Oct 2007 13:13:07 -0400

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Ansgar -59cobalt- Wiechers
Sent: 25 October 2007 15:49
To: security-basics () securityfocus com
Subject: Re: NAT external/Public IP

On 2007-10-25 crazy frog crazy frog wrote:

On 24 Oct 2007 15:46:21 -0000, smarts_buy () yahoo com wrote:

Would like know is ther any security concern to bring in 
external/public IP with out NAT to inside of the enterprise network.
Is it any way more secure if we use NAT?

[...]

2)If you allow lots of machine to direct access the internet with 
external ip they may pose a security risk.


How would that pose a risk that would not exist with NAT'ed machines?


On Thu, 25 Oct 2007 16:28:13 +0100, "Jason Alexander"
<jalexander () plus net> said:

 If its not a security risk then why is it a PCI requirement?


If you are talking about Payment Card Industry (PCI) Data Security
Standard,
there isn't one for NAT.

Current thread:

NAT external/Public IP smarts_buy (Oct 24)
- Re: NAT external/Public IP crazy frog crazy frog (Oct 25)
  - Re: NAT external/Public IP Ansgar -59cobalt- Wiechers (Oct 25)
    - RE: NAT external/Public IP Jason Alexander (Oct 25)
    - RE: NAT external/Public IP Eric Furman (Oct 25)
    - RE: NAT external/Public IP Jason Alexander (Oct 26)
    - RE: NAT external/Public IP Grant Donald (Oct 29)
    - Re: NAT external/Public IP Ansgar -59cobalt- Wiechers (Oct 29)
    - Re: NAT external/Public IP Michael Painter (Oct 30)
    - RE: NAT external/Public IP Grant Donald (Oct 30)
    - Re: NAT external/Public IP Ansgar -59cobalt- Wiechers (Oct 30)
    - RE: NAT external/Public IP Security Incidents (Oct 30)
    - Re: NAT external/Public IP crazy frog crazy frog (Oct 31)
    - RE: NAT external/Public IP Dan Lynch (Oct 31)
    - Re: NAT external/Public IP Chris Barber (Oct 25)

(Thread continues...)