02-14-2002 09:18 AM - edited 03-10-2019 01:22 PM
I have some users on a subnet outside our internal network - our wireless users. They are behind a 3640 running PAT/NAT (one to many NAT) - such that each user receives a 10.x.y.z address from the 3640's DHCP abilities and their source address is always one shared routable IP address. My question is - how vulnerable to hacking are all of these workstations with the 10.x.y.z to random hacking from someone out on the Internet? I am having a debate and would appreciate some input!
02-15-2002 09:09 PM
They are not vulnerable. The 'state' table in a pix would be able to detect if a packet was 'spoofed' malformed, etc, and not allow it inbound access.
The connection a user makes to the outside is stored and referenced when the packet returns. It would be almost impossible to hack this socket.
-ne1secure?
02-16-2002 11:05 AM
Thanks. What about a non-statefu non-pixl device - something like a 3640 router with PAT? Or a typical home user with one of the Linksys cable/DSL routers with PAT? How safe are these devices from being attacked?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide