Sign in with
Sign up | Sign in
Your question

Is my NAT preventing connections from the outside?

Last response: in Networking
Share
Anonymous
August 14, 2005 8:36:49 AM

Archived from groups: comp.security.firewalls (More info?)

On my Windows XP Pro home machine I have DSL Internet
service that uses a Westell Versalink 327W modem/router
which uses NAT (Network Address Translation).

I have read that if the NAT on a router is "dynamic" then
the NAT acts as a firewall against attempts to connect to
my machine from the outside. I would like to know if the
NAT on my router is configured properly so that it is
in fact preventing unwanted connections from the outside.

I have poked around the router config settings (careful not
to change any) but I could not find anything that said
clearly that the NAT was doing what I want.

How can I tell if my NAT is acting as a firewall?

Thanks,
Billy
Anonymous
August 14, 2005 11:07:16 AM

Archived from groups: comp.security.firewalls (More info?)

"Billy Smith" <zaster39sap@yahoo.com> wrote in news:BTzLe.5856$rR4.4530
@trnddc08:

> On my Windows XP Pro home machine I have DSL Internet
> service that uses a Westell Versalink 327W modem/router
> which uses NAT (Network Address Translation).
>
> I have read that if the NAT on a router is "dynamic" then
> the NAT acts as a firewall against attempts to connect to
> my machine from the outside. I would like to know if the
> NAT on my router is configured properly so that it is
> in fact preventing unwanted connections from the outside.

The NAT router does that by default by not forwarding unsolicited traffic
to the LAN. In other words, if a machine behind the router didn't make a
solicitation to a remote IP on the Internet, the inbound traffic is
dropped. If a machine behind the router made a solicitation to a remote
IP, then the traffic is allowed back to the machine.

>
> I have poked around the router config settings (careful not
> to change any) but I could not find anything that said
> clearly that the NAT was doing what I want.
>
> How can I tell if my NAT is acting as a firewall?
>

NAT software is not FW software and some say it is but I for one don't
agree that it's FW software. But by not forwarding requests to the LAN,
NAT does protect the LAN in a limited fashion.

However, the simplest form of a FW is a router that has a public facing
interface and WAN and private facing interface the LAN and separates two
networks which is usually the Internet (WAN) the network it is protecting
from and the (LAN) the machines behind the router connected to it and is
protecting them.

http://www.homenethelp.com/web/explain/about-NAT.asp

The link above has other topics like what is Port Forwading and the DMZ
if the router has a DMZ.

The two links may help you to understand FW technology a little better.

Duane :) 

http://www.firewall-software.com/firewall_faqs/what_is_...
http://www.more.net/technical/netserv/tcpip/firewalls/
Anonymous
August 14, 2005 11:29:22 AM

Archived from groups: comp.security.firewalls (More info?)

> How can I tell if my NAT is acting as a firewall?
>
> Thanks,
> Billy

You could try doing a scan of Common Ports and All Service Ports at Gibson
Research web site. It will indicate whether your ports are visible to
others.

http://www.grc.com/x/ne.dll?rh1dkyd2
Related resources
Anonymous
August 14, 2005 8:50:21 PM

Archived from groups: comp.security.firewalls (More info?)

Thanks, your responses are helpful.

--Billy

"Billy Smith" <zaster39sap@yahoo.com> wrote in message
news:BTzLe.5856$rR4.4530@trnddc08...
> On my Windows XP Pro home machine I have DSL Internet
> service that uses a Westell Versalink 327W modem/router
> which uses NAT (Network Address Translation).
>
> I have read that if the NAT on a router is "dynamic" then
> the NAT acts as a firewall against attempts to connect to
> my machine from the outside. I would like to know if the
> NAT on my router is configured properly so that it is
> in fact preventing unwanted connections from the outside.
>
> I have poked around the router config settings (careful not
> to change any) but I could not find anything that said
> clearly that the NAT was doing what I want.
>
> How can I tell if my NAT is acting as a firewall?
>
> Thanks,
> Billy
>
Anonymous
August 16, 2005 1:32:37 AM

Archived from groups: comp.security.firewalls (More info?)

On Sun, 14 Aug 2005 04:36:49 GMT, Billy Smith wrote:

> On my Windows XP Pro home machine I have DSL Internet
> service that uses a Westell Versalink 327W modem/router
> which uses NAT (Network Address Translation).
>
> I have read that if the NAT on a router is "dynamic" then
> the NAT acts as a firewall against attempts to connect to
> my machine from the outside. I would like to know if the
> NAT on my router is configured properly so that it is
> in fact preventing unwanted connections from the outside.
>
> I have poked around the router config settings (careful not
> to change any) but I could not find anything that said
> clearly that the NAT was doing what I want.
>
> How can I tell if my NAT is acting as a firewall?

NAT is not a firewall, though NAT devices which block unsolicited packets
are acting like firewalls. AFAIK, your NAT router is capable of blocking
unsolicited packets. As somebody else has suggested, a port scanning site,
such as www.grc.com, will show you if packets are being dropped, or passed.

Before somebody jumps in on my statement about NAT and firewall, I have set
up a hardware NAT device which did not block any unsolicited packets, as
tested at www.grc.com; an Efficient Networks SpeedStream 4100, as shipped
by SBC for their SBC Yahoo! DSL Service Express package. A low end device,
the SS4100 does NAT, assigning an RFC 1918 IP address to the computer; but
it definitely passes unsolicited packets to the computer. Nor does it have
a DHCP service, so it is not a router, either. Just a DSL modem which
performs PPPoE, and NAT to a single IP address.

--
Norman
~Shine, bright morning light,
~now in the air the spring is coming.
~Sweet, blowing wind,
~singing down the hills and valleys.
Anonymous
August 16, 2005 2:10:12 AM

Archived from groups: comp.security.firewalls (More info?)

In article <r5pn0iqpk6in$.dlg@aol.prodigy.net>,
spammers.are@immoral.invalid says...
> On Sun, 14 Aug 2005 04:36:49 GMT, Billy Smith wrote:
>
> > On my Windows XP Pro home machine I have DSL Internet
> > service that uses a Westell Versalink 327W modem/router
> > which uses NAT (Network Address Translation).
> >
> > I have read that if the NAT on a router is "dynamic" then
> > the NAT acts as a firewall against attempts to connect to
> > my machine from the outside. I would like to know if the
> > NAT on my router is configured properly so that it is
> > in fact preventing unwanted connections from the outside.
> >
> > I have poked around the router config settings (careful not
> > to change any) but I could not find anything that said
> > clearly that the NAT was doing what I want.
> >
> > How can I tell if my NAT is acting as a firewall?
>
> NAT is not a firewall, though NAT devices which block unsolicited packets
> are acting like firewalls. AFAIK, your NAT router is capable of blocking
> unsolicited packets. As somebody else has suggested, a port scanning site,
> such as www.grc.com, will show you if packets are being dropped, or passed.
>
> Before somebody jumps in on my statement about NAT and firewall, I have set
> up a hardware NAT device which did not block any unsolicited packets, as
> tested at www.grc.com; an Efficient Networks SpeedStream 4100, as shipped
> by SBC for their SBC Yahoo! DSL Service Express package. A low end device,
> the SS4100 does NAT, assigning an RFC 1918 IP address to the computer; but
> it definitely passes unsolicited packets to the computer. Nor does it have
> a DHCP service, so it is not a router, either. Just a DSL modem which
> performs PPPoE, and NAT to a single IP address.

NAT does not mean that inbound is always rejected, in fact there are 1:1
NAT, Many:Many NAT, and 1:Many NAT setups depending on the device. Just
because a device has NAT does not indicate it's blocking anything - some
NAT setup pass all traffic inbound.

--

spam999free@rrohio.com
remove 999 in order to email me
!