[Semibug] Is a NAT router also a Service Proxy Firewall?
Jonathan Drews
jondrews at fastmail.com
Thu Sep 22 06:32:44 EDT 2022
On Thu, Sep 22, 2022 at 05:55:32AM -0400, Kyle Willett wrote:
> Hi Jonathan,
>
> I would say that yes, NAT also serves as a firewall in some sense. An
> agent on the Internet can not access a devices using NAT without port
> forwarding so in effect the NAT is serving as a firewall. For
> example, I can not access via SSH my Linux and BSD laptops even if
> they are running sshd at home over another computer on the Internet.
> This is one of two reasons it is so hard to host your own server at
> home!
>
> Also, I will disclaimer this: I just have a masters degree in IT and
> am not a network expert nor a BSD expert, nor a Linux expert, so take
> what I say with a grain of salt!
>
Thanks Kyle:
That's what I wanted to know. Even if somehow they could get past the
NAT, they would have to get through my host based firewall that uses
PF. So I think I am pretty secure.
I'm reading up on all this stuff to be ready for Peter Hansteens talk
this Sunday. It's going to be good.
--
Kind regards,
Jonathan
More information about the Semibug
mailing list