Security Now 3
Episode 003 |
Hosts: Leo Laporte and Steve Gibson Topic: NAT Routers as Firewalls Published: September 1, 2005 Duration: 00:25:41 |
Contents
Security Now: 003
Topic
- NAT routers act as a hardware firewall
- Unsolicited packets are dropped at the border
- Does not prevent outgoing connections
- The internet is crawling with worms and viruses
- Steve calls this, the internet background radiation (IBR)
- A software firewall helps control outgoing traffic
- Universal Plug and Play on routers allows any computer behind the router to open holes in the router to allow for unsolicited to come in
- This is used by peer-to-peer networks and instant messaging
- Steve recommends that you turn this off to secure your router
- Opening ports on your router may be necessary in some situations, but it is best if you open the ports manually
- You can run a DMZ to allow all traffic to a specific IP address on your network, for a game server
- However, if that becomes infected, since it is on your networks, it can infect other machines on your networks
- By using multiple NAT routers in series you can create network segments that will prevent the machine on the DMZ from infecting your other machines
- A NAT router is analogous to a one way valve in plumbing, allowing flow in only one direction, but blocking it in the other direction
What You Should Do to Secure Your Internet Connection
- Have a NAT router
- Run a software firewall
- Turn off Universal Plug and Play on the router
- Then reset the router
- Change the default password for the router
- Turn off WAN management on your router
External Links
- Steve's page on NAT routers [1]
- Show transcripts [2]
- Download this episode[3]
- Download 16kb version of this episode [4]
Production Information
![]() |
This area is for use by TWiT staff only. Please do not add or edit any content within this section. |