The Broadband Guide
search advanced
 forgot password?
FAQs Categories:

I have a NAT router, why do I need a firewall ?

Many people assume that if they are using NAT, they can forget about firewalls and DMZs and service networks.

What is often overlooked is that anytime you allow a session to be initiated from an external network, you open yourself up to potenital attacks. Many attacks come through the few well known ports that are often open on most networks(such as 80 for HTTP, 20/21 for FTP, 25 for sendmail, 110 for POP3, 143 for IMAP, 53 for DNS, 23 for telnet, etc.) Many exploits are based on the fact that some versions of the programs that run on these ports are insecure and have weaknesses that can be exploited. All this is beyond the scope of, and not addressed by NAT/PAT devices.

A firewall, on the other side has additional features, such as precise tracking of source/destination addresses, inspecting packet contents up through the application layer, logging of external connections to internal IPs, content filters, etc. Also, a multi-layered security approach is always advised, a potential attacker must penetrate multiple barriers between your protected LAN and the public Internet.

  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About