|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Anit-Virus help for all of us??????
On Mon, 24 Nov 2003, Gerardo Gregory wrote: > > # Machine behind NAT while it is being updated > > NAT is not a security feature, neither does it provide any real > security, just one to one translations. PAT fall into the same > category. Just cause your broadband router (ahem, switch) vendor states > that NAT (in reality PAT) as one of their security 'knobs' does not make > it in any way a security feature when implemented. Only thing that > might benefit is IPv4 address space. > > Make a NAT Translation to a workstation (nothing else) and see if you > can still carryout some of the exploits making the rounds. Nor does it stop the user inviting an exploit to run on their PC, eg web download, email attachment.. based on seeing plenty of virused/exploited machines at companies I've worked at which all had AV, FW, NAT etc they still had the human factor who would override a warning because they got sent what looks like a joke email with an attached .scr that later turns out to be a new virus/worm.. Steve
|