Computer Security - How secure am I behind a NAT router?
#1

Just bought a NAT router..

Now that my public IP address is contained in my little black box am I a *lot* safer from external probes?

I practice safe browsing/email collection and use AVG and Sygate on each workstation. I have been to grc.com and all ports including ICMP are stealthed.

How much safer am I from hackers who want to poke a stick at my network now that I am behind a NAT router?

Thanks

Paul

Paul H

#2

Posts: n/a

You'll be even safer if you block TCP/UDP ports 135 ~ 139 and 445 on your Router.

Dave

"Paul H" <> wrote in message news:nkHKb.18778$...
| Just bought a NAT router..
|
| Now that my public IP address is contained in my little black box am I a
| *lot* safer from external probes?
|
| I practice safe browsing/email collection and use AVG and Sygate on each
| workstation. I have been to grc.com and all ports including ICMP are
| stealthed.
|
| How much safer am I from hackers who want to poke a stick at my network now
| that I am behind a NAT router?
|
|
| Thanks
|
| Paul

David H. Lipman

#3

Posts: n/a

"Paul H" <> wrote in news:nkHKb.18778$:

> Just bought a NAT router..
>
> Now that my public IP address is contained in my little black box am I
> a *lot* safer from external probes?
>
> I practice safe browsing/email collection and use AVG and Sygate on
> each workstation. I have been to grc.com and all ports including ICMP
> are stealthed.
>
> How much safer am I from hackers who want to poke a stick at my
> network now that I am behind a NAT router?
>
>
> Thanks
>
> Paul

you are safer and more private than if you did not have a NAT or AV or software firewall in place.

i am no cisco guy, but your first comment about public address is a bit confusing? the NAT hides your private addresses. you can assign what you want for IP address to your boxes on the internal side of NAT (but you should stick with private addressing scheme). the other end of NAT, that is exposed to the outside world will contain your public address which you can not hide - unless you spoof, that is. but why would you want to.

i guess my point is, people can still trace you back to what ISP you are connecting from. a NAT won't change that.

--
Rowdy Yates
MCSE, Security+, Linux+
I am Against-TCPA
http://www.againsttcpa.com

Rowdy Yates

#4

Posts: n/a

Any reason to install a software FW behind a router?

Bob

"Rowdy Yates" <> wrote in message news:Xns9468C1E5CA9B8rowdyyatesnospamlyco@66.185.9 5.104...
> "Paul H" <> wrote in
> news:nkHKb.18778$:
>
> > Just bought a NAT router..
> >
> > Now that my public IP address is contained in my little black box am I
> > a *lot* safer from external probes?
> >
> > I practice safe browsing/email collection and use AVG and Sygate on
> > each workstation. I have been to grc.com and all ports including ICMP
> > are stealthed.
> >
> > How much safer am I from hackers who want to poke a stick at my
> > network now that I am behind a NAT router?
> >
> >
> > Thanks
> >
> > Paul
> >
> >
>
> you are safer and more private than if you did not have a NAT or AV or
> software firewall in place.
>
> i am no cisco guy, but your first comment about public address is a bit
> confusing? the NAT hides your private addresses. you can assign what you
> want for IP address to your boxes on the internal side of NAT (but you
> should stick with private addressing scheme). the other end of NAT, that
> is exposed to the outside world will contain your public address which you
> can not hide - unless you spoof, that is. but why would you want to.
>
> i guess my point is, people can still trace you back to what ISP you are
> connecting from. a NAT won't change that.
> --
> Rowdy Yates
> MCSE, Security+, Linux+
> I am Against-TCPA
> http://www.againsttcpa.com

K2NNJ

#5

Posts: n/a

Software that makes it into the enclave may make a "phone home" call. The software FireWall will block it.

Dave

"K2NNJ" <> wrote in message news:GaLKb.41478$ et...
| Any reason to install a software FW behind a router?
|
| Bob
| "Rowdy Yates" <> wrote in message
| news:Xns9468C1E5CA9B8rowdyyatesnospamlyco@66.185.9 5.104...
| > "Paul H" <> wrote in
| > news:nkHKb.18778$:
| >
| > > Just bought a NAT router..
| > >
| > > Now that my public IP address is contained in my little black box am I
| > > a *lot* safer from external probes?
| > >
| > > I practice safe browsing/email collection and use AVG and Sygate on
| > > each workstation. I have been to grc.com and all ports including ICMP
| > > are stealthed.
| > >
| > > How much safer am I from hackers who want to poke a stick at my
| > > network now that I am behind a NAT router?
| > >
| > >
| > > Thanks
| > >
| > > Paul
| > >
| > >
| >
| > you are safer and more private than if you did not have a NAT or AV or
| > software firewall in place.
| >
| > i am no cisco guy, but your first comment about public address is a bit
| > confusing? the NAT hides your private addresses. you can assign what you
| > want for IP address to your boxes on the internal side of NAT (but you
| > should stick with private addressing scheme). the other end of NAT, that
| > is exposed to the outside world will contain your public address which you
| > can not hide - unless you spoof, that is. but why would you want to.
| >
| > i guess my point is, people can still trace you back to what ISP you are
| > connecting from. a NAT won't change that.
| > --
| > Rowdy Yates
| > MCSE, Security+, Linux+
| > I am Against-TCPA
| > http://www.againsttcpa.com

David H. Lipman

#6

Posts: n/a

>Software that makes it into the enclave may make a "phone home" call. The software FireWall
>will block it.
>
>Dave
>

Also, you may wish to familiarize yourself with the "netstat" command which can actually show these connections in your machine "phoning home" in real time.

From a command prompt, enter "netstat -ano" for a usage directory. Don't type the quotes.

"netstat -a" gives details on what protocol, ports, and port status are doing on your machine in real time.

To see connections on an ongoing basis, enter "netstat 3"
This sets a 3 second sample interval of what services your machine is connecting to in real time. While observing this window, try opening different browsers and your mail program. It can give you a better sense of what is happening. Control C to cancel.

Beachcomber

Beachcomber
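
The `netstat` check described in the post above, as an added example that is not part of the original thread: it parses two `netstat -ano` snapshots (`-a` all connections and listening ports, `-n` numeric addresses, `-o` owning process ID) and reports established connections to non-local addresses that appear only in the later snapshot. The snapshots, addresses, ports and PIDs are constructed, and the function names are illustrative.

```python
import ipaddress

# RFC 1918 private, loopback and link-local ranges: traffic that stays local.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

# Constructed `netstat -ano` snapshots; remote IPs are documentation-range placeholders.
SNAP_1 = """\
Active Connections
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       952
  TCP    192.168.1.20:1045      192.168.1.1:80         ESTABLISHED     2210
  TCP    192.168.1.20:1051      198.51.100.7:443       ESTABLISHED     1820
  UDP    0.0.0.0:445            *:*                                    4
"""
SNAP_2 = SNAP_1 + "  TCP    192.168.1.20:1050      203.0.113.25:8080      ESTABLISHED     3344\n"

def parse_netstat(text):
    """Return one dict per TCP/UDP row of `netstat -ano` output."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue  # banner, header and blank lines
        host, _, port = f[2].rpartition(":")
        rows.append({"proto": f[0], "remote": host.strip("[]").split("%")[0], "rport": port,
                     "pid": int(f[-1]), "state": f[3] if len(f) == 5 else ""})  # UDP: no state
    return rows

def is_external(host):
    """True if host is an IP address outside the local ranges above."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:  # "*" on UDP rows
        return False
    return not ip.is_unspecified and not any(ip in n for n in LOCAL_NETS)

def outbound(text):
    """Set of (remote, port, pid) for established connections leaving the LAN."""
    return {(r["remote"], r["rport"], r["pid"]) for r in parse_netstat(text)
            if r["state"] == "ESTABLISHED" and is_external(r["remote"])}

def new_connections(before, after):
    """Connections present in the later snapshot but not the earlier one."""
    return sorted(outbound(after) - outbound(before))

if __name__ == "__main__":
    print(new_connections(SNAP_1, SNAP_2))
```

The PID in each reported tuple can be matched to a process name in Task Manager or with `tasklist`.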

#7

Posts: n/a

On Wed, 07 Jan 2004 06:05:00 GMT, (Beachcomber) wrote:

>
>>Software that makes it into the enclave may make a "phone home" call. The software FireWall
>>will block it.
>>
>>Dave
>>
>
>Also, you may wish to familiarize yourself with the "netstat" command
>which can actually show these connections in your machine "phoning
>home" in real time.
>
>From a command prompt, enter "netstat -ano" for a usage directory.
>Don't type the quotes.
>
>"netstat -a" gives details on what protocol, ports, and port status
>are doing on your machine in real time.
>
>To see connections on an ongoing basis, enter "netstat 3"
>This sets a 3 second sample interval of what services your machine is
>connecting to in real time. While observing this window, try opening
>different browsers and your mail program. It can give you a better
>sense of what is happening. Control C to cancel.
>
>Beachcomber
>

Yeah but the advantage of a personal firewall is that it blocks it automatically and you don't have to keep looking for problems.

--
Jim Watt
http://www.gibnet.com

Jim Watt

#8

Posts: n/a

Actually you don't want to use netstat. It shows a static windows at that second.

You want TCPView.exe by http://www.sysinternals.com/

It is a dynamic viewer and on NT platforms it shows the program that opens the ports that connects to the web site.

Dave

"Beachcomber" <> wrote in message news:...
|
| >Software that makes it into the enclave may make a "phone home" call. The software FireWall
| >will block it.
| >
| >Dave
| >
|
| Also, you may wish to familiarize yourself with the "netstat" command
| which can actually show these connections in your machine "phoning
| home" in real time.
|
| From a command prompt, enter "netstat -ano" for a usage directory.
| Don't type the quotes.
|
| "netstat -a" gives details on what protocol, ports, and port status
| are doing on your machine in real time.
|
| To see connections on an ongoing basis, enter "netstat 3"
| This sets a 3 second sample interval of what services your machine is
| connecting to in real time. While observing this window, try opening
| different browsers and your mail program. It can give you a better
| sense of what is happening. Control C to cancel.
|
| Beachcomber

David H. Lipman

#9

Posts: n/a

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:SGRKb.834$...
> Actually you don't want to use netstat. It shows a static windows at that second.
>
> You want TCPView.exe by http://www.sysinternals.com/
>
> It is a dynamic viewer and on NT platforms it shows the program that opens the ports that
> connects to the web site.
>
> Dave

TCPView is very good. Kerio Personal Firewall has almost exactly the same kind of display by clicking on 'Firewall Status'.

http://www.kerio.com/dwn/kpf/kerio-pf-2.1.5-en-win.exe

Regards,

Pete.

Pete