You are not logged in.

#1 2012-09-24 01:15:16

Cylinder57
Member
Registered: 2012-04-30
Posts: 29

[SOLVED] Is a NAT Gateway useful for a desktop computer?

Hello everyone,

I'm using a desktop computer.

If I use a wireless home router for connecting to the internet, will a NAT gateway increase security?

Will security also be increased if I set up a NAT gateway, and I'm using a wired home router?

See this link for what I mean:

https://wiki.archlinux.org/index.php/Si … AT_gateway

Sincerely,

Cylinder57

Last edited by Cylinder57 (2012-09-26 03:08:23)

Offline

#2 2012-09-24 01:43:26

johni
Member
Registered: 2012-02-03
Posts: 102

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

Likely your wireless or wired router IS a nat gateway.   Setting up a NAT gateway is for when you don't have a router appliance, and you want a Linux machine to work as one,  sharing the internet connection with other machines in the house.

Offline

#3 2012-09-24 02:28:16

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 19,740

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

johni wrote:

Likely your wireless or wired router IS a nat gateway..

And it is easy to find out.

If the IP address of your computer starts with 192 or 172 or 10, it is.

Edit:  Not a perfect test, but it works for most home routers.

Last edited by ewaller (2012-09-24 02:28:58)


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

Offline

#4 2012-09-24 04:18:00

WonderWoofy
Member
From: Los Gatos, CA
Registered: 2012-05-19
Posts: 8,414

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

ewaller wrote:

If the IP address of your computer starts with 192 or 172 or 10, it is.

Neat!  This I did not know...

Offline

#5 2012-09-24 17:57:37

Cylinder57
Member
Registered: 2012-04-30
Posts: 29

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

My IP Address starts with a 24.

Offline

#6 2012-09-24 18:11:37

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 19,740

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

It would appear, then that you are are not behind a NAT device.  You are probably plugged straight into a modem (DSL/cable) of some sort?  If so, yes, your computer is probably being poked and prodded by hackers as we speak.  If you've any ports open; like ssl, http, telnet, ftp, they are being probed.

If I use a wireless home router for connecting to the internet, will a NAT gateway increase security?
Will security also be increased if I set up a NAT gateway, and I'm using a wired home router?

Most home routers are NAT gateways.  I am a bit confused, are you using one now, or are you thinking of using one?


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

Offline

#7 2012-09-24 18:17:41

Scimmia
Fellow
Registered: 2012-09-01
Posts: 11,466

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

The link you provided is, simply put, how to set up a box as the front line of your network, protecting everything behind it. From the sound of it, you're just dealing with the one system? If so, setting it up as a NAT gateway will be useless, as there's nothing behind it to protect.

As ewaller said, something's not sounding right. Home routers without NAT are pretty rare unless you've specifically turned it off.

Last edited by Scimmia (2012-09-24 18:19:50)

Offline

#8 2012-09-26 02:47:30

Cylinder57
Member
Registered: 2012-04-30
Posts: 29

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

I used:

http://whatismyipaddress.com/

To find my ip address.

It said it was 24, but I decided to type this command:

ifconfig -a

Output:

eth0: flags= (whatever else comes after this line doesn't matter.)
    inet 192. (whatever else comes after this line doesn't matter.)

Turns out my IP Address starts with 192.  It doesn't start with 24, as the above website falsely stated.

Conclusion:
I do have a home router with NAT.
Setting up a NAT gateway will not increase security for my own computer.

Last edited by Cylinder57 (2012-09-26 02:51:28)

Offline

#9 2012-09-26 02:50:37

ngoonee
Forum Fellow
From: Between Thailand and Singapore
Registered: 2009-03-17
Posts: 7,354

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

Cylinder57 wrote:

Turns out my IP Address starts with 192.  It doesn't start with 24, as the above website falsely stated.

You need to read up a bit on what you're doing. The website was correctly giving you your external IP address. You were asked what your network card's IP address was. Those are not necessarily the same (nowadays, almost certainly not).


Allan-Volunteer on the (topic being discussed) mailn lists. You never get the people who matters attention on the forums.
jasonwryan-Installing Arch is a measure of your literacy. Maintaining Arch is a measure of your diligence. Contributing to Arch is a measure of your competence.
Griemak-Bleeding edge, not bleeding flat. Edge denotes falls will occur from time to time. Bring your own parachute.

Offline

#10 2012-09-26 02:53:52

Scimmia
Fellow
Registered: 2012-09-01
Posts: 11,466

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

The website wasn't wrong, the 24.xxx.xxx.xxx is the WAN (external) address of your NAT router. Every computer on your home network gets assigned an LAN (internal) address by the router (which is your 192.168.xxx.xxx address).

Some reading would help, starting here: https://en.wikipedia.org/wiki/Network_a … ranslation

Offline

#11 2012-09-26 03:06:14

Cylinder57
Member
Registered: 2012-04-30
Posts: 29

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

Ok.  So, to summarize:
If my internal IP Address, which is found by ifconfig -a, starts with 192, I am behind a home router.

I guess I'll mark this as solved, since I now know that I don't need to set up a NAT gateway.

Thanks everyone!

Last edited by Cylinder57 (2012-09-26 03:08:45)

Offline

#12 2012-09-26 03:09:49

Scimmia
Fellow
Registered: 2012-09-01
Posts: 11,466

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

If you have an internal address at all, you are behind your home router. If you were connected directly to Internet, ifconfig -a would give you the same address the website did.

Offline

#13 2012-09-26 08:57:48

ghen
Member
From: Belgium
Registered: 2010-08-31
Posts: 121

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

ewaller wrote:

If the IP address of your computer starts with 192 or 172 or 10, it is.

Firstly, you ignore the fact that 192.168.0.0/16 is just a /16, ie the larger 192/8 prefix contains many public addresses as well, and the same for 172.16/12.

Secondly, even your public/external interface could be behind CGN (Carrier Grade NAT) nowadays, and thus have an rfc1918 private IPv4 address.
Note that any "whatismyipaddress" type websites (outside your ISP's network) will still report a public (non-rfc1918) address in that case.

Offline

#14 2012-09-26 13:19:43

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 19,740

Re: [SOLVED] Is a NAT Gateway useful for a desktop computer?

ghen wrote:
ewaller wrote:

If the IP address of your computer starts with 192 or 172 or 10, it is.

Firstly, you ignore the fact that 192.168.0.0/16 is just a /16, ie the larger 192/8 prefix contains many public addresses as well, and the same for 172.16/12.

Secondly, even your public/external interface could be behind CGN (Carrier Grade NAT) nowadays, and thus have an rfc1918 private IPv4 address.
Note that any "whatismyipaddress" type websites (outside your ISP's network) will still report a public (non-rfc1918) address in that case.

To your first point, all true.  to the second, yes; but you are still behind a NAT, it is just not yours. 
I was not trying to be definitive, that is why I coached my answer with the caveat that it works for most home routers.  It was just a quick and nasty test to see if his machine might be in a private space.  We knew has address was 24.*.*.* to the world.


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

Offline

Board footer

Powered by FluxBB