Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NAT external/Public IP

From: "Chris Barber" <cmbarber () gmail com>
Date: Thu, 25 Oct 2007 11:24:33 -0700
PCI Compliance does not equal a secure network.  But it brings you
closer than not being compliant.

Chris.


On 10/25/07, Jason Alexander <jalexander () plus net> wrote:

If its not a security risk then why is it a PCI requirement?

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ansgar -59cobalt- Wiechers
Sent: 25 October 2007 15:49
To: security-basics () securityfocus com
Subject: Re: NAT external/Public IP

On 2007-10-25 crazy frog crazy frog wrote:

On 24 Oct 2007 15:46:21 -0000, smarts_buy () yahoo com wrote:

Would like know is ther any security concern to bring in
external/public IP with out NAT to inside of the enterprise network.
Is it any way more secure if we use NAT?

[...]

2)If you allow lots of machine to direct access the internet with
external ip they may pose a security risk.


How would that pose a risk that would not exist with NAT'ed machines?

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches becoming available."
--Jason Coombs on Bugtraq
Previous By Date Next
Previous By Thread Next

Current thread: