Re: Port scans through NAT router?


comp.security.firewalls archive

From: Kerodo <loopback@localhost.com>
Date: Sat Jan 28 2006 - 17:59:28 CET

In article <43DB7022.DB47B265@cox.net>, ohaya@cox.net says...
>
> If I am visiting a website, say http://www.foo.com, is there some way
> for port scans to ride back into my NAT'ed network "on top of" the
> outgoing HTTP connection?
>

I believe that it's possible for the site to sneak UDP back in, since
the NAT router will be allowing all traffic in from whatever site you're
visiting; however, you mentioned it was TCP. I suppose theoretically
the NAT router would allow ALL traffic inbound from whatever site you're
visiting. So it seems possible. That is my understanding; however, I
may be wrong, and I'm not that well versed in routers yet, still fairly
new to them myself. I used software firewalls for years until just
about 6 months ago. At any rate, Sygate (or any software fw) will block
the inbound traffic/scans, so you're safe enough. I would not worry much
about anything getting through unless it's from some random IP address.
Then it might be time for a new router.

-- 
Kerodo
Received on Tue Feb 7 20:58:03 2006
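
The question in this thread turns on how a NAT filters inbound packets once an outgoing connection has created a mapping. As an added example (not part of the original post), this simplified Python model applies the three filtering behaviours named in RFC 4787 to one outgoing HTTP connection. The `Nat` class, addresses and ports are constructed for illustration; the model assumes mappings are kept per protocol and omits the TCP connection-state tracking that real routers add on top.

```python
# Added example: simplified NAT model (not a real router implementation).
from dataclasses import dataclass, field

MODES = ("endpoint-independent", "address-dependent", "address-and-port-dependent")

@dataclass
class Nat:
    filtering: str                      # one of MODES (RFC 4787 filtering terms)
    next_port: int = 40000              # constructed public port range
    mappings: dict = field(default_factory=dict)  # (proto, public_port) -> mapping

    def outbound(self, proto, inside, remote):
        """Record an outgoing flow and return the public port assigned to it."""
        for (p, pub), m in self.mappings.items():
            if p == proto and m["inside"] == inside:
                m["peers"].add(remote)
                return pub
        pub, self.next_port = self.next_port, self.next_port + 1
        self.mappings[(proto, pub)] = {"inside": inside, "peers": {remote}}
        return pub

    def inbound(self, proto, remote, public_port):
        """Return the inside (ip, port) a packet is forwarded to, or None if dropped."""
        m = self.mappings.get((proto, public_port))
        if m is None:
            return None                 # no mapping: nothing behind this port
        if self.filtering == "endpoint-independent":
            allowed = True
        elif self.filtering == "address-dependent":
            allowed = any(ip == remote[0] for ip, _ in m["peers"])
        else:                           # address-and-port-dependent
            allowed = remote in m["peers"]
        return m["inside"] if allowed else None

def probe_results(filtering):
    """Browse to the site once, then see which inbound packets get through."""
    nat = Nat(filtering)
    site, other = "198.51.100.7", "192.0.2.99"      # constructed addresses
    client = ("192.168.1.20", 51515)                # constructed inside host
    pub = nat.outbound("tcp", client, (site, 80))
    return {
        "reply_from_site_port_80": nat.inbound("tcp", (site, 80), pub),
        "site_other_source_port": nat.inbound("tcp", (site, 4444), pub),
        "site_to_unmapped_port_445": nat.inbound("tcp", (site, 80), 445),
        "site_udp_to_mapped_port": nat.inbound("udp", (site, 80), pub),
        "third_party_to_mapped_port": nat.inbound("tcp", (other, 80), pub),
    }

if __name__ == "__main__":
    for mode in MODES:
        print(mode, probe_results(mode))
```

In every mode the only inside endpoint an inbound packet can reach is the client's own ephemeral port behind the mapped public port; packets to any other public port have no mapping and are dropped, which is why a software firewall on the host is a second layer rather than the first.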