
Security Forums


how safe are you behind a nat on a lan?

blackmagic22
Posted: Tue Jan 11, 2005 6:16 pm    Post subject: how safe are you behind a nat on a lan?

I have an ADSL modem.

My NAT settings on the modem are to block any externally initiated connection attempts.

Thank you.
snootalope
Posted: Tue Jan 11, 2005 7:37 pm

Well, your modem must have some kind of built-in firewall or ACLs... unless you've specified it to allow certain services in, like HTTP or FTP, you have nothing to worry about except yourself!!
eip
Posted: Tue Jan 11, 2005 7:41 pm

You are still vulnerable to any attack that uses your web browser or email client.

eip
blackmagic22
Posted: Tue Jan 11, 2005 8:05 pm

I know about the browsers etc., but for the likes of worms etc. I'm fine so.

That's good to know.

Thanks both of you.
>/dev/null
Posted: Tue Jan 11, 2005 10:36 pm

Firewalk for Linux works wonders: it will bypass NAT and test for ACLs and then initiate scans on the private network. Granted, even though you may be scanned internally, it only allows the attacker to gain a footprint of your network. Your best bet, depending on the network topology, is to set up a DMZ or "victim" box in a chroot environment and allow the attacker to attack the "honeypot". That is, if you are running mission-critical apps in an enterprise environment. At home I would stick a *nix box between the modem and the computer or the router and the internal computer/switch. Grab Smoothwall from http://www.smoothwall.org and install it on a P133+ w/ 64 MB RAM, 2x NICs minimum. Smoothwall has transparent proxy capabilities, NIDS, and okay packet rules, ingress only (incoming (DENY)). I would work on egress (outgoing (DENY all, ALLOW only TCP 21,22,80 etc.)) filters for the Smoothwall. Eip is absolutely right:
Quote:
You are still vulnerable to any attack that uses your web browser or email client.
You can deal with most of the web-based attacks by using the firewall/proxy setup + using Mozilla/Thunderbird as a web browser/email client. Configure IE with a NULL proxy setting (tools->Internet options->connections->LAN settings->proxy 10.2.2.2), so to some nonexistent private net. Then the apps that exploit IE will hit the NULL proxy; coupled with egress filters, you are mostly secure. Granted, MSN won't work, nor other apps that require IE, but that is another evil unto itself. Note: Find alternative apps for the ones that require IE.

PS: If you want to go even farther, to the Nth degree, the NULL proxy can be a packet trap: create a proxy that works w/o a gateway but is a NIDS/sniffer so you can see what netblock the app is trying to contact + data content etc.

Regards
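
Added example (not part of any post in this thread): a toy Python model of a stateful NAT gateway combined with the egress allow-list of TCP 21, 22 and 80 mentioned in the post above. It shows why unsolicited inbound traffic is dropped while replies to a LAN-initiated browser session are let back in. All class names, addresses and ports are constructed for illustration, and the model assumes the strictest filtering, where a mapping matches only the exact remote peer.

```python
# Added illustration: toy stateful NAT gateway with an egress allow-list.
# Every address, port and name here is constructed for the example.
from dataclasses import dataclass, field

EGRESS_TCP_ALLOW = {21, 22, 80}  # the outbound ports named in the post above


@dataclass
class NatGateway:
    public_ip: str
    egress_allow: set = field(default_factory=lambda: set(EGRESS_TCP_ALLOW))
    # (public_port, remote_ip, remote_port) -> (lan_ip, lan_port)
    table: dict = field(default_factory=dict)
    next_port: int = 40000

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """LAN host opens a TCP connection; return translated source or None."""
        if remote_port not in self.egress_allow:
            return None  # egress filter: anything not allow-listed is denied
        pub_port = self.next_port
        self.next_port += 1
        self.table[(pub_port, remote_ip, remote_port)] = (lan_ip, lan_port)
        return (self.public_ip, pub_port)

    def inbound(self, remote_ip, remote_port, pub_port):
        """Packet arrives on the WAN side; return LAN destination or None."""
        # Assumption: only the exact peer of an inside-initiated flow matches.
        return self.table.get((pub_port, remote_ip, remote_port))


def demo():
    gw = NatGateway("203.0.113.5")
    results = {}
    # 1. Unsolicited connection attempt from the Internet: no mapping exists.
    results["unsolicited"] = gw.inbound("198.51.100.9", 31337, 445)
    # 2. Browser on the LAN fetches a page; the server's reply is forwarded.
    src = gw.outbound("192.168.1.10", 51000, "198.51.100.80", 80)
    results["web_reply"] = gw.inbound("198.51.100.80", 80, src[1])
    # 3. A different remote host aiming at the mapped port is still dropped.
    results["wrong_peer"] = gw.inbound("198.51.100.9", 80, src[1])
    # 4. LAN program tries a destination port outside the allow-list.
    results["egress_denied"] = gw.outbound("192.168.1.10", 51001, "198.51.100.9", 6667)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:14} -> {value}")
```

Case 2 is the path the earlier reply about web browsers and email clients refers to: whatever the browser requests comes back through the mapping it created, so NAT alone does not filter that content.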
blackmagic22
Posted: Tue Jan 11, 2005 11:01 pm

Holy god dev null.

I'm only at home, mate.

I'm not running the CIA.

Thanks for your detailed reply.

I will look at firewalk and reply back to you.

Edit

I have read how Firewalk works and it poses no threat to my internal network behind the NAT, I hope.

Thanks
All times are GMT + 2 Hours