[134847] in North American Network Operators' Group
Re: Is NAT can provide some kind of protection?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Wed Jan 12 12:14:16 2011
To: =?ISO-8859-1?Q?Lor=E1nd_Jakab?= <ljakab@ac.upc.edu>
In-Reply-To: Your message of "Wed, 12 Jan 2011 16:01:15 +0100."
<4D2DC23B.5080707@ac.upc.edu>
From: Valdis.Kletnieks@vt.edu
Date: Wed, 12 Jan 2011 12:12:10 -0500
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1294852330_4778P
Content-Type: text/plain; charset=us-ascii
On Wed, 12 Jan 2011 16:01:15 +0100, =?ISO-8859-1?Q?Lor=E1nd_Jakab?= said:
> This setup will provide *less* security. Apart from the DoS scenario,
> should your public facing server get compromised, you have given easy
> access to your private infrastructure.
If a public server behind a NAT gets whacked via a php vulnerability, you've
*still* given away access to everything behind the NAT that server can reach.
--==_Exmh_1294852330_4778P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFNLeDqcC3lWbTT17ARAraZAJ90r8LTmlzmHzQ+P6uK7QC+4aciHgCg1MJV
m/L/n2iEQxXYpNX7jaF0O/0=
=xAi0
-----END PGP SIGNATURE-----
--==_Exmh_1294852330_4778P--
