If it's a true firewall (not a simple natbox), it should have a rule
preventing traffic with inside origination IP from entering the outside
interface. Either that or it should be built into the functionality.

-Mike

>He claimed that firewalls using NAT are inherently insecure, because someone
>with enough technical know-how can "trick" it into passing packets back and
>forth bi-directionally, thereby making it "transparent" and letting the
>hacker through to any system behind it.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]