North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: FW: Worms versus Bots
- From: Chris Adams
- Date: Fri May 07 10:50:04 2004
Once upon a time, Alexei Roudnev <email@example.com> said:
> Any simple NAT (PNAT, to be correct) box decrease a chance of infection by
> last worms to 0. Just 0.0000%.
The problem is that Joe User (or his kid) wants to run some random P2P
program without having to reconfigure NAT port mappings, so they have
all inbound connections mapped to a static internal IP. When the worms
come knocking, the connections go right through and the static IP system
gets infected, which then infects the Mom's computer, etc.; then you
have 2+ times as much worm traffic sourced from that single public IP
because there are multiple computers scanning.
NAT does help if you just put necessary port mappings in place (and only
for "secure" protocols).
Chris Adams <firstname.lastname@example.org>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.