On Tue, 10 Oct 2000 20:47:54 +0800, you wrote:
To answer your question re security and PAT (You are almost certainly running PAT and not NAT) Yes, PAT for the most part only allows outgoing connections with the exception of DNS and someother UDP connections. (UDP is connectionless and as such is tricky to NAT/PAT/Masquerade/Firewall)
Two Qs: 1) What's the difference between PAT and NAT? 2) I'd like some more information about how secure is a (private-IP) intranet behind a router performing NAT/PAT or similar (which obviusly has got a real IP address). My personal thoughts are that if the NAT device isn't implementing any port forwarding to any internal machine, the said machine is safe. Correct? So, the intranet would be safe for external attacks (supposing router access is not granted and its configuration is safe from hackers) without needing a fw or router-filters, isn't it? Am I missing some interesting points? Regards.