Security Basics mailing list archives

Re: Cable Vs. DSL

From: Brian Eckman <eckman () umn edu>
Date: Wed, 30 Apr 2003 09:41:07 -0500

NAT basically provides you with about as much security as your mp3player, which is to say none at all.

Now that is just absurd. His mp3 player probably has several securityflaws like being tricked into executing file types it has no businessknowing about or simple old-fashioned buffer overflows. ;-)

You mean to tell me, you take the average cable modem luser with filesharing turned on and administrator with no password, and you put thembehind a router with NAT and there is *no* benefit? I don't know aboutyour router but mine was configured out of the box to not listed on*any* port by default, allowing me if I choose to do so to open SSH,Web, etc. Mine certainly isn't letting people login to my Windows (orother) machines remotely.

Hypothetical situation. I rebuild my Windows box at home and give it noAdministrator password. Try logging into my Windows box via my router'sIP address. Then, try logging into it using 192.168.101.101. Take myrouter out and put the box on the net, and you'd have no problem loggingin it then, right?

No single layer of security will protect you from everything. However,NAT provides another layer of security that *is* beneficial to most people.


--
Brian Eckman
Security Analyst
OIT Security and Assurance
University of Minnesota
612-626-7737

"There are 10 types of people in this world. Those who
understand binary and those who don't."


---------------------------------------------------------------------------

FastTrain has your solution for a great CISSP Boot Camp. The industry's mostrecognized corporate security certification track, provides a comprehensiveprospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilizationof pertinent security tools. For a limited time you can enter for a chanceto win one of the latest technological innovations, the SEGWAY HT.Log onto http://www.securityfocus.com/FastTrain-security-basics----------------------------------------------------------------------------

Current thread:

RE: Cable Vs. DSL, (continued)
- - - RE: Cable Vs. DSL David Gillett (Apr 25)
    - Re: Cable Vs. DSL Chris Travers (Apr 25)
    - Re: Cable Vs. DSL Callan K L Tham (Apr 25)
    - Re: Cable Vs. DSL Frank Gearhart (Apr 28)
- RE: Cable Vs. DSL Lucas Zaichkowsky (Apr 23)
- Re: Cable Vs. DSL David Vertie (Apr 24)
- RE: Cable Vs. DSL Cosentino, Guilherme V. (Apr 28)
- RE: Cable Vs. DSL Cosentino, Guilherme V. (Apr 28)
  - RE: Cable Vs. DSL Xueyan Liu (Apr 28)
- Re: Cable Vs. DSL Chris Berry (Apr 29)
  - Re: Cable Vs. DSL Brian Eckman (Apr 30)
- RE: Cable Vs. DSL Jordan Jesse - Toronto-MROC (Apr 30)