On Sat, Feb 03, 2001 at 10:50:08AM -0800, Grenville Armitage wrote:
Einar Stefferud wrote:
[..]
had my own home system and discovered that I had no interest in being
totally visible and accessible at all times, especially when I was
not always around to monitor things.
So, now I am very happy behind my little XRouter NAT box, with an ISP
service out there where I can have a login shell if I wish.
NAT doesn't primarily provide security, a firewall does. A firewall
doesn't have to do NAT. If you dont mind the number of IP addresses
you get from your ISP, install a smart firewall and ditch the NAT
box (or twiddle some config options in your Xrouter... whatever)
Although address obfuscation through combining NAT with your firewall
can provide a small amount of additional security.
...Scott