[Courses] [Security] Firewall theory -- UDP and nameservers

Nicole Fauquet nik at ascendancy.net
Fri Mar 22 10:28:54 EST 2002


----- Original Message -----
From: <hobbit at aloss.ukuu.org.uk>
To: <courses at linuxchix.org>
Sent: Friday, March 22, 2002 8:14 AM
Subject: Re: [Courses] [Security] Firewall theory -- UDP and nameservers


> I gather 'firewall' is a military term originally, too. Never known
> what it means in that context. I can't think of many things which

    Nope - it's a building term.  In apartment buildings (properly built
ones at least) you have a unit wall and then a wall of solid steel or
cinderblock (i.e. things that don't burn well), and then a unit wall.  The
steel wall is called the firewall because its purpose is to stop fires from
spreading from one unit to the next.

> The only thing I'm not sure about now is what this NAT stuff is.
> This is probably a bad time to ask. I should have mentioned this
> the first time it came up. I intended to go and find out. And I
> forgot. So I'll ask now before suddenly it shows up in every
> future email or something.

    NAT is good stuff - it is what has allowed IPv4 to live as long as it
has.  What NAT does is let you have internal IP addresses that the machine
running NAT then translates into external addresses.  Not only does this
allow you to get more bang for your IP address buck, it is a very very good
thing security-wise.  It means that you are giving no clues to your internal
architecture to the outside world, which makes black hats' lives much
harder.  NAT means 'Network Address Translation', and if you hear someone
talking about '10-space', they're likely talking about NAT.


Neko
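
The translation described in the message above, as an added example that is not part of the original post: a toy model of a port-translating NAT box handling UDP nameserver queries. The class and function names, all addresses (documentation ranges), the starting port, and the rule that only previously contacted peers may send replies back are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private ranges; "10-space" is the first of them.
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class SourceNat:
    """Toy model of a port-translating NAT box (hypothetical, for illustration)."""

    def __init__(self, external_ip, first_port=40000):
        self.external_ip = external_ip
        self.next_port = first_port
        self.by_internal = {}  # (proto, int_ip, int_port) -> external port
        self.by_external = {}  # (proto, ext_port) -> (int_ip, int_port)
        self.peers = {}        # (proto, ext_port) -> remote endpoints contacted

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an outgoing packet's source; return what the outside sees."""
        addr = ipaddress.ip_address(src_ip)
        if not any(addr in net for net in INTERNAL):
            raise ValueError(f"{src_ip} is not an internal address")
        key = (proto, src_ip, src_port)
        if key not in self.by_internal:
            self.by_internal[key] = self.next_port
            self.by_external[(proto, self.next_port)] = (src_ip, src_port)
            self.next_port += 1
        ext_port = self.by_internal[key]
        self.peers.setdefault((proto, ext_port), set()).add((dst_ip, dst_port))
        return (proto, self.external_ip, ext_port, dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_port):
        """Map a reply back to the internal host; None means the packet is dropped."""
        slot = (proto, dst_port)
        if (src_ip, src_port) not in self.peers.get(slot, ()):
            return None  # nobody inside talked to this sender, so nothing to map to
        int_ip, int_port = self.by_external[slot]
        return (proto, src_ip, src_port, int_ip, int_port)

def demo():
    # Constructed sample traffic: two internal hosts query one nameserver over UDP.
    nat = SourceNat("203.0.113.7")
    q1 = nat.outbound("udp", "10.0.0.5", 1025, "198.51.100.53", 53)
    q2 = nat.outbound("udp", "10.0.0.9", 1025, "198.51.100.53", 53)
    reply = nat.inbound("udp", "198.51.100.53", 53, q1[2])
    stray = nat.inbound("udp", "192.0.2.66", 53, q1[2])
    return q1, q2, reply, stray

if __name__ == "__main__":
    for packet in demo():
        print(packet)
```

Both queries leave with the same external source address and differ only in the translated port, so the nameserver never sees a 10.x address; the packet from a host nobody inside contacted has no mapping and is dropped.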




