Home page logo

nanog logo nanog mailing list archives

Re: Common operational misconceptions
From: Mark Andrews <marka () isc org>
Date: Mon, 20 Feb 2012 12:21:44 +1100

In message <201202200107.q1K17W5l000294 () aurora sol net>, Joe Greco writes:
I have running code to make the reverse translations, with
which protocols such as ftp with PORT commands are working.

No, I think you do not understand...

I have a NAT gateway with a single public address.

I have 15 FTP servers and 22 web servers behind it.

I want people to be able to go to ftp://<hostname> and/or =
http://<hostname> for each of them.


Your suggestion here would set many "security experts" heads on fire.

Whatever will they do when NAT doesn't make such things virtually


Time to write "How to use SRV with FTP".  CGN is going to push
the extension of a whole lot of protocols.

Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka () isc org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]