|
Subject: firing the wall
Name:
 ludicrous
Date: 2/28/2002 5:47:35 PM (GMT-7)
IP Address: 138.67.48.22
In Reply to: Unfirewalling a firewall posted by
Ben
Message:
I wouldn't worry about it, sure the ports show up, but if anyone is trying to access them, they will hit a roadblock because they are actually trying to access the router itself (and get nowhere), not the PC(s) behind it (which have relatively easily-compromised software controlling the hardware).
If someone figured out that they were attacking a NAT-only router (there is a more advanced technique for hardware firewalling, I forget what it is called -- anyway the $90 routers don't have it), then he/she COULD break through but it would take some doing. In other words, you would have to have something behind the router that a reasonably-knowledgeable cracker really wanted. A corporate LAN, for example 
I still run ZoneAlarm on my PCs behind the router, but more because ZA sometimes catches things trying to phone OUTbound.
|