Subj : Re: the nothing to hide a
To   : Nightfox
From : Vk3jed
Date : Fri Mar 04 2022 06:55 pm

-=> On 02-27-22 22:25, Nightfox wrote to Vk3jed <=-

Ni> You have all your ports exposed publicly to the internet?  Or perhaps
Ni> there's an alternative to NAT that I'm not aware of..? I thought pretty
Ni> much everyone with internet at home would be using a router, and I
Ni> thought NAT a standard feature of a router for some level of
Ni> protection.

NAT != security.  You've fallen for the big myth that NAT is somehow more
secure.  All it does is screw up some protocols (FTP anyone?), and puts
arbitrary limits on incoming traffic (2 BBSs on the same port, NO WAY!).

NAT is an ugly hack to help with IPv4 shortages.

First defence is only have the services (daemons) you need running and
listening only on the IP/port combinations you want.  If further limiting of
access is needed, then there's this wonderful thing called a firewall. ;)
iptables on Linux does an excellent job, and even Windows Firewall doesn't do a
bad job, if properly configured.


... You were sent here as a warning to others, weren't you?
--- MultiMail/Win v0.52
� Synchronet � Freeway BBS, Bendigo Australia.  freeway.apana.org.au

You are viewing proxied material from bbs.kd3.us. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.