mailing list archives
Re: NAT external/Public IP
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 25 Oct 2007 19:23:13 +0200
On 2007-10-25 Jason Alexander wrote:
On 25 October 2007 15:49 Ansgar -59cobalt- Wiechers wrote:
On 2007-10-25 crazy frog crazy frog wrote:
On 24 Oct 2007 15:46:21 -0000, smarts_buy () yahoo com wrote:
Would like know is ther any security concern to bring in
external/public IP with out NAT to inside of the enterprise network.
Is it any way more secure if we use NAT?
2)If you allow lots of machine to direct access the internet with
external ip they may pose a security risk.
How would that pose a risk that would not exist with NAT'ed machines?
If its not a security risk then why is it a PCI requirement?
Aside from the fact that this is no answer to my question: apparently
because the people specifying this failed to understand that obfuscation
of IP addresses doesn't add to a system's security. Either the system is
secure, then it doesn't matter whether someone knows its address, or it
isn't, in which case you're just relying on luck, hoping that the Bad
Guys(tm) won't find you. Which you shouldn't.
"All vulnerabilities deserve a public fear period prior to patches
--Jason Coombs on Bugtraq
Re: NAT external/Public IP Ansgar -59cobalt- Wiechers (Oct 25)
RE: NAT external/Public IP Marc Payne (Oct 25)
Re: NAT external/Public IP gavin . williams (Oct 25)
Re: Re: NAT external/Public IP proneetb (Oct 25)