RE: DDOS attacks and Large ISPs doing NAT?

That would come under the heading of a virus or trojan I believe. And sure
there is no reason a NAT'd cell phone couldn't participate in this type of
attack.

The DDOS discussion is specifically referring to a "live" syn or syn/ack
attack from hosts that respond to connection requests. A NAT'd cell phone
won't, can't ever, respond to an unsolicited connection request.

jm

Yo Jon!

> That would come under the heading of a virus or trojan I believe. And sure
> there is no reason a NAT'd cell phone couldn't participate in this type of
> attack.

It may be a virus or a trojan, but it is still acting as a zombie and it can
still use up all your bandwidth. That was your original contention.

If you are arguing that NAT protects the phone itself from DDoS that
is also not true. Just send it a bazillion pages, NAT does not help there.

NAT is just security by obscurity. A speed bump in the road to a
committed hacker.

RGDS
GARY

*RING*!! *RING*!! Oh, I'm sorry, that was the clue phone ringing - it
couldn't be your phone, since it wouldn't answer an unsolicited connection
request....

You were saying?

(To fill in the blanks - get a trojan loaded into the cellphone/PDA combo,
and then send it a page telling it who/what to attack).

> A NAT'd cell phone
> won't, can't ever, respond to an unsolicited connection request.

A NAT is not a firewall.

A firewall is not a NAT.

Some vendors bundle firewall functionality with NAT functionality, just as
some vendors bundle SNA with IP.

Please stop perpetuating the myth that a NAT is a security device.

Bradley

some vendors actually sell NAT devices that say "firewall" on the outside
of the box.

richard

> > A NAT'd cell phone
> > won't, can't ever, respond to an unsolicited connection request.
>
> A NAT is not a firewall.
>
> A firewall is not a NAT.
>
> Some vendors bundle firewall functionality with NAT functionality, just as
> some vendors bundle SNA with IP.
>
> Please stop perpetuating the myth that a NAT is a security device.

It is not a myth; NAT (PNAT, to be correct) just allows internal users to have
SECURE access to the outer world without a reverse access (it is 50 - 60% of the
firewall functionality). So, NAT is equal to the firewall for the outgoing calls.

Of course, static NAT does not provide any firewall functionality, and NAT does
nothing to protect inbound services, so to protect such services (if any exist)
you need a _real_ firewall. To protect the internal network, there is no better way
than to have a NAT (of course, a firewall with NAT is better, and all modern devices
provide both functionalities, but if I select what's better - a NAT device without
a firewall or a firewall without the NAT, and I'll have only outbound calls, I'll
choose a NAT).
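
To make the mechanics argued over in this thread concrete, here is an added example (not part of any poster's message): a toy Python model of a port-translating NAT and a static NAT. The class names, the sample addresses and the exact-match inbound filtering are assumptions made for illustration.

```python
# Toy model of NAT inbound handling (illustration only, not a real NAT).
# Assumption: the PNAT filters inbound packets by exact (remote ip, remote port).
import itertools

class PortNat:
    """Port-translating NAT (PNAT): mappings exist only after outbound traffic."""

    def __init__(self, public_ip):
        self.public_ip = public_ip
        self._ports = itertools.count(40000)  # constructed public port pool
        self._out = {}  # (inside_ip, inside_port, remote) -> public_port
        self._in = {}   # (public_port, remote) -> (inside_ip, inside_port)

    def outbound(self, inside_ip, inside_port, remote):
        key = (inside_ip, inside_port, remote)
        if key not in self._out:
            port = next(self._ports)
            self._out[key] = port
            self._in[(port, remote)] = (inside_ip, inside_port)
        return (self.public_ip, self._out[key])

    def inbound(self, public_port, remote):
        # No mapping means no inside host to deliver to: the packet is dropped.
        return self._in.get((public_port, remote))

class StaticNat:
    """One-to-one static NAT: every inbound packet is forwarded."""

    def __init__(self, public_to_inside):
        self.public_to_inside = dict(public_to_inside)

    def inbound(self, public_ip, port, remote):
        inside = self.public_to_inside.get(public_ip)
        return (inside, port) if inside else None

def demo():
    # Constructed sample addresses from the documentation ranges.
    nat = PortNat("192.0.2.1")
    scanner = ("198.51.100.7", 31337)
    server = ("203.0.113.80", 80)
    unsolicited = nat.inbound(40000, scanner)      # before any outbound flow
    pub = nat.outbound("10.0.0.5", 51000, server)  # inside host initiates
    reply = nat.inbound(pub[1], server)            # reply rides the mapping
    other = nat.inbound(pub[1], scanner)           # third party, same port
    static = StaticNat({"192.0.2.9": "10.0.0.9"})
    exposed = static.inbound("192.0.2.9", 22, scanner)
    return unsolicited, pub, reply, other, exposed
```

In this model any inside host that initiates a flow gets a working return path, which is the case raised earlier in the thread about a trojaned phone; only the unsolicited inbound packet is dropped, and static NAT drops nothing.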