[pchelpers] Re: Be Careful

The (few) NAT routers I've come across don't let ANY unsolicited traffic
enter the LAN from outside by default. To run a server, for instance, you
have to set up a "pinhole" to specifically route incoming traffic to a
machine on the LAN.

AFAIK, the NAT process involves taking the IP packet from the LAN
(requesting data from another address on the internet), substituting a
modified IP address (the NAT router's IP) as the source as well as changing
the source port number to some random value. The router then looks for a
reply from the machine on the net directed to the particular port number it
substituted, then uses its internal lookup to re-route the IP packet to the
local LAN machine's IP.

Example (simplified): your PC has a private IP of 192.168.0.20 and requests
a web page from 202.16.123.99 via your router which has an internet-visible
IP of 200.23.34.45.

Your PC generates an IP packet for destination port 80 (http), with a random
reply port number of 23456 (this is a random number generated by your PC
from 1024 to 65535)

Packet: Dest=202.16.123.99:80, Source=192.168.0.20:23456

Your packet travels to your router which generates a new random port number
45678 & substitutes its own address, then sends it out to the big wide
world:

Packet: Dest=202.16.123.99:80, Source=200.23.34.45:45678

The webserver sends a reply to the router, which sees the special 45678 port
number & knows that the reply packet is destined for 192.168.0.20:23456 &
thus the reply ends back up at your PC.

Pretty straightforward, right?

The result is that the router can ignore any unsolicited traffic that is
destined for one of the 64000-odd addresses it *doesn't* know about. There's
probably more to it but it's late here in NZ & I can't remember it.

Jeremy
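
The translation walk-through in Jeremy's message above, as an added example that is not part of the original post: a toy NAT table using his addresses and the "pinhole" idea. The class name, the outside host 198.51.100.7 and the LAN server 192.168.0.10 are constructed, and the peer check on replies is an assumption.

```python
import random

class NatRouter:
    """Toy port-translating NAT (hypothetical class, not a real router's code)."""

    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.by_flow = {}   # (lan_ip, lan_port, remote_ip, remote_port) -> public port
        self.by_port = {}   # public port -> the flow that owns it
        self.pinholes = {}  # public port -> (lan_ip, lan_port), set by the admin

    def add_pinhole(self, public_port, lan_ip, lan_port):
        self.pinholes[public_port] = (lan_ip, lan_port)

    def outbound(self, src, dst):
        """Rewrite a LAN packet's source; remember the mapping for the reply."""
        flow = (*src, *dst)
        if flow not in self.by_flow:
            port = random.randint(1024, 65535)
            while port in self.by_port or port in self.pinholes:
                port = random.randint(1024, 65535)
            self.by_flow[flow], self.by_port[port] = port, flow
        return (self.public_ip, self.by_flow[flow]), dst

    def inbound(self, src, dst):
        """Return (src, lan_dst) to forward, or None to drop."""
        port = dst[1]
        if dst[0] != self.public_ip:
            return None
        if port in self.pinholes:              # explicitly opened by the admin
            return src, self.pinholes[port]
        flow = self.by_port.get(port)
        # Assumption: also require the reply to come from the peer the LAN host
        # contacted; some routers match on the port alone.
        if flow is not None and flow[2:] == src:
            return src, flow[:2]
        return None                            # unsolicited: no mapping, dropped

if __name__ == "__main__":
    router = NatRouter("200.23.34.45")
    pc, web = ("192.168.0.20", 23456), ("202.16.123.99", 80)
    wan_src, _ = router.outbound(pc, web)
    print("outbound source rewritten to", wan_src)
    print("reply from web server ->", router.inbound(web, wan_src))
    stranger = ("198.51.100.7", 4444)          # constructed outside host
    print("stranger to same port ->", router.inbound(stranger, wan_src))
    print("stranger to port 80   ->", router.inbound(stranger, ("200.23.34.45", 80)))
    router.add_pinhole(80, "192.168.0.10", 80) # constructed LAN server
    print("after pinhole         ->", router.inbound(stranger, ("200.23.34.45", 80)))
```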

-----Original Message-----
From: pchelpers-bounce@xxxxxxxxxxxxx
[mailto:pchelpers-bounce@xxxxxxxxxxxxx]On Behalf Of G. Cox
Sent: Wednesday, 24 September 2003 10:28
To: pchelpers@xxxxxxxxxxxxx
Subject: [pchelpers] Re: Be Careful


Billy,
I was thinking about getting an NAT router. Can you tell me how they
accomplish the work of a firewall? How is incoming and outgoing access
permission worked out?

gcox
----- Original Message -----
From: "Billyus" <billy.e@xxxxxxxxxxxx>
To: <pchelpers@xxxxxxxxxxxxx>
Sent: Tuesday, September 23, 2003 5:45 AM
Subject: [pchelpers] Re: Be Careful


SSHHHHH...........quiet Inge you never know who's listening, Neither have I,
so don't say anything or we might,  maybe the lists or people we know have
good security in themselves, ie, not opening any unsolicited attachments.  I
only run AVG and a NAT router, but I have had mails with attachments on that
did include virus, but they were never opened, just binned

Billy
----- Original Message -----
From: "Inge" <inge@xxxxxxxxx>
To: <pchelpers@xxxxxxxxxxxxx>
Sent: Tuesday, September 23, 2003 1:55 AM
Subject: [pchelpers] Re: Be Careful


> Jackie,
>
> I do not try to be funny, but everybody seems to get these viruses. What is
> wrong with my machine. I have not received one of them yet? I run Norton and
> AVG and I update all the time. I also have Zone alarm Pro.
>
> It's no laughing matter.
> Inge
>
>
>
> -----Original Message-----
> From: pchelpers-bounce@xxxxxxxxxxxxx [mailto:pchelpers-bounce@xxxxxxxxxxxxx]
> On Behalf Of Jacqueline MacWhirter
> Sent: Monday, September 22, 2003 12:31 PM
> To: PC HELPERS
> Subject: [pchelpers] Be Careful
>
>
> Be careful everyone the  viruses are coming in like crazy. Make sure your
> panes are closed in your email . Every download of mail I am getting about 5
> viruses each caught and deleted  everyone of them has been caught so far.
> Please take care--
>
> Jackie
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.520 / Virus Database: 318 - Release Date: 9/18/2003
>
>
> Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
> Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
> List archives at http://www.freelists.org/archives/pchelpers
> PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
> Good advice is like good paint- it only works if applied.
>

