[134867] in North American Network Operators' Group
Re: Is NAT can provide some kind of protection?
daemon@ATHENA.MIT.EDU (Steven Kurylo)
Wed Jan 12 14:41:31 2011
In-Reply-To: <AANLkTi=0UXXE61GTba1ZEH0DP_Ba_h-KUXvq8iuifTtQ@mail.gmail.com>
Date: Wed, 12 Jan 2011 11:39:59 -0800
From: Steven Kurylo <skurylo+nanog@gmail.com>
To: Paul Ferguson <fergdawgster@gmail.com>
Cc: "nanog@nanog.org list" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> There is a least one situation where NAT *does* provide a small amount of
> necessary security.
>
> Try this at home, with/without NAT:
>
> 1. Buy a new PC with Windows installed
> 2. Install all security patches needed since the OS was installed
>
> Without NAT, you're unpatched PC will get infected in less than 1 minute.
Its the firewall included with the NAT which protects against the
infection, not the NAT.
So you can remove the NAT, leave the firewall, and be just as secure.
