Firewalls: RE: NT NAT

Firewalls
(January 1997)

Indexed By Thread: [Previous] [Next]

Subject:	RE: NT NAT
From:	Mark Joseph Edwards <mark @ ntshop . net>
Date:	Thu, 2 Jan 1997 21:42:38 -0600
To:	"'Russ'" <Russ . Cooper @ RC . on . ca>
Cc:	"'firewalls @ greatcircle . com'" <firewalls @ greatcircle . com>

Ok - I visited this site, and read every single word about OnGuard. I don't see anything on this site AT ALL that insinuates that this product -- by itself -- is all the protection your network needs. Nothing. Zip. Nada. Zilch.

They do, however, quite clearly, stress over and over that this product is an IP address translator (NAT). There IS one teeny tiny short sentence that says "Protects your internal IP servers and workstations from Internet hackers" and that's it. This doesn't say "we're a cure all" or "we're all you need", and it doesn't violate any "Truth in Advertising" ethics either.

Russ wrote -
"Never before have I ever seen anyone attempt to claim that NAT by itself makes your entire internal network secure from Internet hackers, but finally someone has actually done it."

WRONG RUSS -- WRONG WRONG WRONG.  HEY, IT DOESNT SAY THAT IT DOES!  To say the least, your comments are UNFAIR.

And, your cheap stab at MS.....geeez man, what's come over you?

This list doesn't need that type of post, ya know? 

mje


-----Original Message-----
From:	Russ [SMTP:Russ .
 Cooper @
 RC .
 on .
 ca]
Sent:	Thursday, January 02, 1997 6:36 PM
To:	'Jamie Thain'; firewalls @
 greatcircle .
 com
Cc:	'info @
 on .
 com'
Subject:	RE: NT NAT 

>There is now an NT NAT. http://www.on.com.

I hate to do this without looking at the product first, but here's an
excerpt from their web page describing the features their IP Funnel
product provides;

.Protects your internal IP servers and workstations from Internet
hackers 

Now for a company that sells a Firewall, you'd have to wonder how much
they understand security, wouldn't you? Never before have I ever seen
anyone attempt to claim that NAT by itself makes your entire internal
network secure from Internet hackers, but finally someone has actually
done it. We don't need Firewalls any more folks, all we need is NAT. Too
bad the NAT RFC doesn't mention that it was created to do away complete
with Firewalls, we could have all saved ourselves a whole lot of effort
and time.

Their network diagram describing how the system would be placed has it
behind a router and in front of the internal LAN. So now someone would
seem to think that it is highly desirable to dedicate an NT Workstation
to the task of NAT-only. Me thinks you could probably get a new router
that supports NAT for less money.

Maybe their marketing staff is made up of rejected Microsoft
marketeers...???

Cheers,
Russ
R.C. Consulting, Inc. - NT/Internet Security Consulting

Indexed By Date	Previous:	Re: Untrusted vs. trusted network security From: Paul Ferguson <pferguso @ cisco . com>
Indexed By Date	Next:	RE: Firewalls-Digest V5 #699 From: "Tijani CHAOUCH BOURAOUI" <tbouraoui @ msn . com>
Indexed By Thread	Previous:	Re: NT NAT From: Darren Reed <avalon @ coombs . anu . edu . au>
Indexed By Thread	Next:	RE: NT NAT From: Russ <Russ . Cooper @ RC . on . ca>