Full Disclosure mailing list archives
RE: Learn from history?
From: "Serge van Ginderachter (svgn)" <svgn () orbid be>
Date: Thu, 6 May 2004 21:54:54 +0200
From: Andrew Simmonsdo you have any idea how much small businesses have just aNAT routerinstead of a real firewall?in what way is a nat box *not* a stateful firewall?
First, I don't believe I said they weren't. Depends on which 'box' we're talking. Some simple SMC or USRobotics router vs. e.g. IPCop etc. Secondly, that was not the problem I was referring to. The problem with what I understood by a NAT box, is the fact they generally do not allow outbound filtering, meaning a hacker who made a first step inside, has all ports open to backfire command shell, download some hack tools etc. Simple example: a cracker sends you a mail with an url you should click. The url is not 'http://server/' but \\server\share, which you might not notice. With such a simple trick he can have a netbios session and read out a whole lot of information about your system. Now with outbound filtering that could be stopped. Which is definitely not possible with a simple NAT box. Everyone know NETBIOS must be blocked incoming. Now I hope you understand why it should be blocked outgoing also. Serge _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Learn from history?, (continued)
- RE: Learn from history? Stuart Fox (DSL AK) (May 05)
- Re: Learn from history? Ondrej Krajicek (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? Alerta Redsegura (May 06)
- RE: Learn from history? Ferris, Robin (May 06)
- RE: Learn from history? Alerta Redsegura (May 06)
- RE: Learn from history? Steve Bremer (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? full-disclosure (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? Ng, Kenneth (US) (May 10)
- RE: Learn from history? Alerta Redsegura (May 10)
- RE: Learn from history? Michal Zalewski (May 10)
- RE: Learn from history? Alerta Redsegura (May 10)
- RE: Learn from history? Gwendolynn ferch Elydyr (May 10)
- Re: Learn from history? Calum (May 11)
- RE: Learn from history? Ron DuFresne (May 11)
- RE: Learn from history? Michal Zalewski (May 10)
- RE: Learn from history? Alerta Redsegura (May 10)
- Re: Learn from history? James Riden (May 10)
- RE: Learn from history? Steffen Kluge (May 11)
- RE: Learn from history? Stuart Fox (DSL AK) (May 05)