Can anyone explane to me what NAT is and why NAT is a good think from a security point of view ?
2007-09-20 16:09:00 · 3 answers · asked by Kerensky 1 in Computers & Internet ➔ Security
In computer networking, the process of Network Address Translation (NAT, also known as Network Masquerading, Native Address Translation or IP Masquerading) involves re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address (gateway).Many network administrators find NAT a convenient technique and use it widely. Nonetheless, NAT can introduce complications in communication between hosts and may have a performance impact.
In addition to the convenience and low cost of NAT, the lack of full bidirectional connectivity can be regarded in some situations as a feature rather than a limitation. To the extent that NAT depends on a machine on the local network to initiate any connection to hosts on the other side of the router, it prevents malicious activity initiated by outside hosts from reaching those local hosts. This can enhance the reliability of local systems by stopping worms and enhance privacy by discouraging scans. Many NAT-enabled firewalls use this as the core of the protection they provide.
The greatest benefit of NAT is that it is a practical solution to the impending exhaustion of IPv4 address space. Networks that previously required a Class B IP range or a block of Class C network addresses can now be connected to the Internet with as little as a single IP address (many home networks are set up this way). The more common arrangement is having machines that require true bidirectional and unfettered connectivity supplied with a 'real' IP address, while having machines that do not provide services to outside users tucked away behind NAT with only a few IP addresses used to enable Internet access.
2007-09-20 16:19:21 · answer #1 · answered by Anonymous · 0⤊ 0⤋
NAT is Network Address Translation essentially a gateway between a private LAN and a public Internet, it is connecting the above two networks that were completely separate except this NAT machine in between, essentially from security POV it is the ultimate form of a firewall.
2007-09-20 16:18:35 · answer #2 · answered by Andy T 7 · 0⤊ 1⤋
They say is better than me. Its a great site, bookmark it
http://computer.howstuffworks.com/nat1.htm
Here is an excerpt.
With the explosion of the Internet and the increase in home networks and business networks, the number of available IP addresses is simply not enough. The obvious solution is to redesign the address format to allow for more possible addresses. This is being developed (called IPv6), but will take several years to implement because it requires modification of the entire infrastructure of the Internet.
This is where NAT (RFC 1631) comes to the rescue. Network Address Translation allows a single device, such as a router, to act as an agent between the Internet (or "public network") and a local (or "private") network. This means that only a single, unique IP address is required to represent an entire group of computers.
2007-09-20 16:18:41 · answer #3 · answered by ? 6 · 0⤊ 1⤋