
Jump to: navigation, search

SRT210 Lab 3

30 bytes added, 12:05, 21 January 2019
NAT as a security tool
In order to allow access to a machine on a private subnet you have to make a whitelist on the router, with every explicit service that's supposed to be accessible on your internal machine. All things being equal - a whitelist provides a greater level of security than a blacklist.
And at the end of the day if you screw up the setup of your router: the worst thing that will happen is that your internal service will be inaccessible. From a security point of view that is much better than a screwup with a firewall which can make ''everythingevery system and service'' accessible to ''everyoneon the internet''.

Navigation menu