Is NAT can provide some kind of protection?

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Wed Jan 12 17:12:10 UTC 2011


On Wed, 12 Jan 2011 16:01:15 +0100, =?ISO-8859-1?Q?Lor=E1nd_Jakab?= said:

> This setup will provide *less* security. Apart from the DoS scenario,
> should your public facing server get compromised, you have given easy
> access to your private infrastructure.

If a public server behind a NAT gets whacked via a php vulnerability, you've
*still* given away access to everything behind the NAT that server can reach.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20110112/053ec3ed/attachment.sig>


More information about the NANOG mailing list