Home page logo
/

nanog logo nanog mailing list archives

Re: Common operational misconceptions
From: Mark Andrews <marka () isc org>
Date: Mon, 20 Feb 2012 12:21:44 +1100


In message <201202200107.q1K17W5l000294 () aurora sol net>, Joe Greco writes:
I have running code to make the reverse translations, with
which protocols such as ftp with PORT commands are working.

No, I think you do not understand...

I have a NAT gateway with a single public address.

I have 15 FTP servers and 22 web servers behind it.

I want people to be able to go to ftp://<hostname> and/or =
http://<hostname> for each of them.

Owen,

Your suggestion here would set many "security experts" heads on fire.

Whatever will they do when NAT doesn't make such things virtually
impossible?

:-)

Time to write "How to use SRV with FTP".  CGN is going to push
the extension of a whole lot of protocols.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka () isc org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]