Home page logo
/

basics logo Security Basics mailing list archives

Re: NAT external/Public IP
From: "Chris Barber" <cmbarber () gmail com>
Date: Thu, 25 Oct 2007 11:24:33 -0700

PCI Compliance does not equal a secure network.  But it brings you
closer than not being compliant.

Chris.


On 10/25/07, Jason Alexander <jalexander () plus net> wrote:
If its not a security risk then why is it a PCI requirement?

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ansgar -59cobalt- Wiechers
Sent: 25 October 2007 15:49
To: security-basics () securityfocus com
Subject: Re: NAT external/Public IP

On 2007-10-25 crazy frog crazy frog wrote:
On 24 Oct 2007 15:46:21 -0000, smarts_buy () yahoo com wrote:
Would like know is ther any security concern to bring in
external/public IP with out NAT to inside of the enterprise network.
Is it any way more secure if we use NAT?
[...]
2)If you allow lots of machine to direct access the internet with
external ip they may pose a security risk.

How would that pose a risk that would not exist with NAT'ed machines?

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches becoming available."
--Jason Coombs on Bugtraq




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]