RE: Home Environment Cisco

[hermit921 <hermit921 () yahoo com>]

Given all this discussion, I have to ask about NAT.  I have a small Netgear 
DSL router (using NAT) at home.  I consider it a great firewall because it 
doesn't let in any packets at all when I run nmap scans from the 
outside.  It syslogs to my unix machine.  What more could I want in a 
firewall for a home environment?

hermit921

At 10:26 PM 5/29/2003 +0200, Ben Nagy wrote:
> > -----Original Message-----
> > From: firewall-wizards-admin () honor icsalabs com
> > [mailto:firewall-wizards-admin () honor icsalabs com] On Behalf
> > Of salgak () speakeasy net
> > Sent: Thursday, May 29, 2003 9:39 PM
> > To: nathan.grandbois () cerdant com; firewall-wizards () honor icsalabs com
> >
> > > -----Original Message-----
> > > From: Nathan [mailto:nathan.grandbois () cerdant com]
> > > He has a Solaris ultra 60, and two win98 workstations at
> > > home he wants to be able to communicate, as well as have access to the
> > > internet (NAT).
> [deleted]
> >
> > Reminder: a 50-dollar router from BestBuy also includes a
> > Firewall.  A Cisco 1600 or 2500-series will not.  And NAT is
> > NOT a firewall.
>
> [deleted]
>
> I'm not going to run over the NAT / FW discussion again, I think my opinion
> on the matter is pretty well documented in the archives, but I am more than
> happy to use _dynamic_ NAT as a pretty effective security mechanism for home
> users. I do normally back it up with ACLs anyway, but that's just out of
> general principle.
>
> ben

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards