RE: DDOS attacks and Large ISPs doing NAT?

That would come under the heading of a virus or trojan I believe. And sure there is no reason a NAT'd cell phone couldn't participate in this type of attack. The DDOS discussion is specifically referring to a "live" syn or syn/ack attack from hosts that respond to connection requests. A NAT'd cell phone won't, can't ever, respond to an unsolicited connection request.

jm

Yo Jon!

On Thu, 2 May 2002, Mansey, Jon wrote:

It may be a virus or a trojan, but it is still acting as a zombie and it can still use up all your bandwidth. That was your original contention. If you are arguing that NAT protects the phone itself from DDoS that is also not true. Just send it a bazillion pages, NAT does not help there. NAT is just security by obscurity. A speed bump in the road to a committed hacker.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
gem@rellim.com Tel:+1(541)382-8588 Fax: +1(541)382-8676

On Thu, 02 May 2002 11:06:33 PDT, "Mansey, Jon" said:
*RING*!! *RING*!! Oh, I'm sorry, that was the clue phone ringing - it couldn't be your phone, since it wouldn't answer an unsolicited connection request.... You were saying? (To fill in the blanks - get a trojan loaded into the cellphone/PDA combo, and then send it a page telling it who/what to attack).

--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech

A NAT'd cell phone won't, can't ever, respond to an unsolicited connection request.

A NAT is not a firewall. A firewall is not a NAT. Some vendors bundle firewall functionality with NAT functionality, just as some vendors bundle SNA with IP. Please stop perpetuating the myth that a NAT is a security device.

Bradley

On Thu, 2 May 2002 15:40:57 -0400 Bradley Dunn <bradley@dunn.org> wrote:
some vendors actually sell NAT devices that say "firewall" on the outside of the box.

richard
--
Richard Welty rwelty@averillpark.net
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security

It is not a myth; NAT (PNAT, to be correct) just allows internal users to have SECURE access to the outer world without a reverse access (it is 50 - 60% of the firewall functionality). So, NAT is equal to the firewall for the outgoing calls. Of course, static NAT does not provide any firewall functionality, and NAT does nothing to protect inbound services, so to protect such services (if any exist) you need a _real_ firewall. To protect an internal network, there is no better way than to have a NAT (of course, a firewall with NAT is better, and all modern devices provide both functionalities, but if I select what's better - a NAT device without firewall or a firewall without the NAT, and I'll have only outbound calls, I'll choose a NAT).
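The behaviours argued over in this thread, as an added example that is not part of any poster's message: a toy model of a port-translating NAT, a static 1:1 NAT and a stateful filter deciding on inbound packets. All class names and addresses are constructed for illustration, and the NAT is assumed to use endpoint-independent filtering (RFC 4787 terminology), which is one of several behaviours real devices implement.

```python
from dataclasses import dataclass, field

@dataclass
class Napt:
    """Port-translating NAT with endpoint-independent filtering (assumed)."""
    table: dict = field(default_factory=dict)  # public port -> (inside ip, port)
    next_port: int = 40000

    def outbound(self, inside_ip, inside_port):
        """Any inside host may open a flow; NAT applies no policy here."""
        port, self.next_port = self.next_port, self.next_port + 1
        self.table[port] = (inside_ip, inside_port)
        return port

    def inbound(self, remote_ip, public_port):
        """Forward if a mapping exists; remote_ip is never consulted."""
        return self.table.get(public_port)

@dataclass
class StaticNat:
    """1:1 static NAT: every inbound packet is rewritten and forwarded."""
    inside_ip: str

    def inbound(self, remote_ip, public_port):
        return (self.inside_ip, public_port)

@dataclass
class StatefulFilter:
    """Firewall-style state: replies must come from the contacted peer."""
    flows: set = field(default_factory=set)  # (inside ip, port, remote ip)

    def outbound(self, inside_ip, inside_port, remote_ip):
        self.flows.add((inside_ip, inside_port, remote_ip))

    def inbound(self, remote_ip, inside_ip, inside_port):
        return (inside_ip, inside_port, remote_ip) in self.flows

def demo():
    # All addresses are constructed documentation/private ranges.
    nat, fw = Napt(), StatefulFilter()
    results = {"unsolicited": nat.inbound("198.51.100.9", 40000)}  # no mapping yet
    port = nat.outbound("10.0.0.5", 5555)       # inside host contacts 192.0.2.10
    fw.outbound("10.0.0.5", 5555, "192.0.2.10")
    results["reply"] = nat.inbound("192.0.2.10", port)
    results["third_party_nat"] = nat.inbound("198.51.100.9", port)
    results["third_party_fw"] = fw.inbound("198.51.100.9", "10.0.0.5", 5555)
    results["static"] = StaticNat("10.0.0.5").inbound("198.51.100.9", 23)
    return results

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:16} -> {outcome}")
```

A result of `None` or `False` means the packet is dropped; a tuple is the inside destination it is forwarded to.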

participants (6)
- Alexei Roudnev
- Bradley Dunn
- Gary E. Miller
- Mansey, Jon
- Richard Welty
- Valdis.Kletnieks@vt.edu