[65363] in North American Network Operators' Group
Re: Anit-Virus help for all of us??????
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Mon Nov 24 16:26:46 2003
Date: Mon, 24 Nov 2003 16:25:36 -0500
From: Suresh Ramasubramanian <suresh@outblaze.com>
To: Gerardo Gregory <ggregory@affinitas.net>
Cc: Valdis.Kletnieks@vt.edu, Petri Helenius <pete@he.iki.fi>,
Sean Donelan <sean@donelan.com>, nanog@merit.edu
In-Reply-To: <3FC2763B.70005@affinitas.net>
Errors-To: owner-nanog-outgoing@merit.edu
Gerardo Gregory writes on 11/24/2003 4:20 PM:
> NAT is not a security feature, neither does it provide any real
> security, just one to one translations. PAT fall into the same
It is not a cure all and I never said it was one. It cuts the risk down
a little, is all.
> Most broadband providers still perform a NAT translation downstream, is
> it helping alleviate any of the attacks/compromises? NOT!!!!!
A lot of it is because of infected hosts in a subnet searching around
for open windows shares on IPs around it.
> I know Microsoft has a product that allows you to donwload patches to a
> centralized server (within your infrastructure) and let's you patch your
> internal systems from it. Heard our MS admins talking about it a while
> back....
Sounds like a good thing to have around.
--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations
