nanog mailing list archives

Re: FW: Worms versus Bots


From: "Alexei Roudnev" <alex () relcom net>
Date: Thu, 6 May 2004 22:06:09 -0700


Any simple NAT (PNAT, to be correct) box decreases the chance of infection by
the last worms to 0. Just 0.0000%.
Of course, it does not protect very well from intentional attacks, and does
not protect against e-mail bombs and
JavaScript exploits.

In reality, having WIN2K behind a NAT box, connected to the internet 100% of
the time, is safer than having Windows with all patches
installed every day, directly connected. The reason is simple:
- when a system after Win2K does not initiate internet connections, it is 100%
safe;
- when such a system initiates internet connections, it exposes only
client-side ports and is not vulnerable to any scans etc.;

So, I agree - a NAT box is the very first _mandatory_ thing at home; all
others (firewall etc.) are not necessary for most households at all (but
antiviruses are, if you have e-mail or use the web).








On Wed, 5 May 2004 Michael.Dillon () radianz com wrote:

(To deflect the inevitable "NAT is not a firewall" complaints, the box
is a stateful inspection firewall -- as all NAT boxes actually are).

Hmmm, are you saying that the solution to many so-called
Internet security vulnerabilities is for people to
use an SI Firewall, aka Simple, Inexpensive Firewall,
aka Stateful Inspection Firewall?

It's not a real solution, it just goes a long way to reduce the number of
infections
and how quickly some worms can spread (although NAT would have no effect
on the spread of viruses by email, so the human factor is the primary problem).

One wonders why the DSL/cable router manufacturers
haven't caught on to this idea before now.

It's not the manufacturers who did not catch up (in fact they did, and offer
very inexpensive personal dsl routers going all the way to the $20 range), it's
the DSL providers who still offer a free dsl modem (a device at least twice as
expensive as a router) and a free network card and complex and instructions
on how to set this all up on each different type of pc. No clue at all
that it would be only very marginally more expensive for them to integrate
the features of such a small nat router into the dsl modem, and instead of offering
PPPoverEthernet it could just offer NAT and DHCP and make it so much
simpler
for many of those lusers with only light computer skills to set this all
up.

-- 
William Leibzon
Elan Networks
william () elan net
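
The filtering behaviour the thread relies on (a PNAT box forwards inbound packets only when they match state created by an outbound connection), as an added example that is not part of the original messages. The `PortNat` class, the addresses and the ports are constructed for illustration, and the model assumes address-and-port-dependent filtering, which not every NAT implementation uses.

```python
from dataclasses import dataclass, field


@dataclass
class PortNat:
    """Toy PNAT box: one public address, many inside hosts (constructed model)."""
    public_ip: str
    next_port: int = 40000
    # public_port -> (inside_ip, inside_port, remote_ip, remote_port)
    table: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Inside host opens a connection: allocate a public port, record state."""
        for pub, entry in self.table.items():
            if entry == (src_ip, src_port, dst_ip, dst_port):
                return pub  # reuse the existing mapping for this flow
        pub = self.next_port
        self.next_port += 1
        self.table[pub] = (src_ip, src_port, dst_ip, dst_port)
        return pub

    def inbound(self, src_ip, src_port, dst_port):
        """Packet arriving at the public address: forward only if it matches state."""
        entry = self.table.get(dst_port)
        if entry is None:
            return None  # no mapping for this port: packet is dropped
        inside_ip, inside_port, remote_ip, remote_port = entry
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None  # mapped port, but not the peer the inside host contacted
        return (inside_ip, inside_port)


def demo():
    nat = PortNat("203.0.113.10")
    results = {}
    # Unsolicited scan of Windows service ports before any outbound traffic.
    results["scan"] = [nat.inbound("198.51.100.7", 4444, p) for p in (135, 139, 445)]
    # Inside PC contacts a web server; the reply comes back on the mapped port.
    pub = nat.outbound("192.168.1.20", 1050, "192.0.2.80", 80)
    results["reply"] = nat.inbound("192.0.2.80", 80, pub)
    # A third party probing the mapped client-side port is still dropped.
    results["probe"] = nat.inbound("198.51.100.7", 4444, pub)
    return results


if __name__ == "__main__":
    print(demo())
```

Content carried inside a connection the inside host opened itself (mail, web pages) passes through unchanged, which is the limit both posters note for e-mail viruses and script exploits.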


