You are not logged in.
Hello everyone,
I'm using a desktop computer.
If I use a wireless home router for connecting to the internet, will a NAT gateway increase security?
Will security also be increased if I set up a NAT gateway, and I'm using a wired home router?
See this link for what I mean:
https://wiki.archlinux.org/index.php/Si … AT_gateway
Sincerely,
Cylinder57
Last edited by Cylinder57 (2012-09-26 03:08:23)
Offline
Likely your wireless or wired router IS a nat gateway. Setting up a NAT gateway is for when you don't have a router appliance, and you want a Linux machine to work as one, sharing the internet connection with other machines in the house.
Offline
Likely your wireless or wired router IS a nat gateway..
And it is easy to find out.
If the IP address of your computer starts with 192 or 172 or 10, it is.
Edit: Not a perfect test, but it works for most home routers.
Last edited by ewaller (2012-09-24 02:28:58)
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline
If the IP address of your computer starts with 192 or 172 or 10, it is.
Neat! This I did not know...
Offline
My IP Address starts with a 24.
Offline
It would appear, then that you are are not behind a NAT device. You are probably plugged straight into a modem (DSL/cable) of some sort? If so, yes, your computer is probably being poked and prodded by hackers as we speak. If you've any ports open; like ssl, http, telnet, ftp, they are being probed.
If I use a wireless home router for connecting to the internet, will a NAT gateway increase security?
Will security also be increased if I set up a NAT gateway, and I'm using a wired home router?
Most home routers are NAT gateways. I am a bit confused, are you using one now, or are you thinking of using one?
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline
The link you provided is, simply put, how to set up a box as the front line of your network, protecting everything behind it. From the sound of it, you're just dealing with the one system? If so, setting it up as a NAT gateway will be useless, as there's nothing behind it to protect.
As ewaller said, something's not sounding right. Home routers without NAT are pretty rare unless you've specifically turned it off.
Last edited by Scimmia (2012-09-24 18:19:50)
Offline
I used:
To find my ip address.
It said it was 24, but I decided to type this command:
ifconfig -a
Output:
eth0: flags= (whatever else comes after this line doesn't matter.)
inet 192. (whatever else comes after this line doesn't matter.)
Turns out my IP Address starts with 192. It doesn't start with 24, as the above website falsely stated.
Conclusion:
I do have a home router with NAT.
Setting up a NAT gateway will not increase security for my own computer.
Last edited by Cylinder57 (2012-09-26 02:51:28)
Offline
Turns out my IP Address starts with 192. It doesn't start with 24, as the above website falsely stated.
You need to read up a bit on what you're doing. The website was correctly giving you your external IP address. You were asked what your network card's IP address was. Those are not necessarily the same (nowadays, almost certainly not).
Allan-Volunteer on the (topic being discussed) mailn lists. You never get the people who matters attention on the forums.
jasonwryan-Installing Arch is a measure of your literacy. Maintaining Arch is a measure of your diligence. Contributing to Arch is a measure of your competence.
Griemak-Bleeding edge, not bleeding flat. Edge denotes falls will occur from time to time. Bring your own parachute.
Offline
The website wasn't wrong, the 24.xxx.xxx.xxx is the WAN (external) address of your NAT router. Every computer on your home network gets assigned an LAN (internal) address by the router (which is your 192.168.xxx.xxx address).
Some reading would help, starting here: https://en.wikipedia.org/wiki/Network_a … ranslation
Offline
Ok. So, to summarize:
If my internal IP Address, which is found by ifconfig -a, starts with 192, I am behind a home router.
I guess I'll mark this as solved, since I now know that I don't need to set up a NAT gateway.
Thanks everyone!
Last edited by Cylinder57 (2012-09-26 03:08:45)
Offline
If you have an internal address at all, you are behind your home router. If you were connected directly to Internet, ifconfig -a would give you the same address the website did.
Offline
If the IP address of your computer starts with 192 or 172 or 10, it is.
Firstly, you ignore the fact that 192.168.0.0/16 is just a /16, ie the larger 192/8 prefix contains many public addresses as well, and the same for 172.16/12.
Secondly, even your public/external interface could be behind CGN (Carrier Grade NAT) nowadays, and thus have an rfc1918 private IPv4 address.
Note that any "whatismyipaddress" type websites (outside your ISP's network) will still report a public (non-rfc1918) address in that case.
Offline
ewaller wrote:If the IP address of your computer starts with 192 or 172 or 10, it is.
Firstly, you ignore the fact that 192.168.0.0/16 is just a /16, ie the larger 192/8 prefix contains many public addresses as well, and the same for 172.16/12.
Secondly, even your public/external interface could be behind CGN (Carrier Grade NAT) nowadays, and thus have an rfc1918 private IPv4 address.
Note that any "whatismyipaddress" type websites (outside your ISP's network) will still report a public (non-rfc1918) address in that case.
To your first point, all true. to the second, yes; but you are still behind a NAT, it is just not yours.
I was not trying to be definitive, that is why I coached my answer with the caveat that it works for most home routers. It was just a quick and nasty test to see if his machine might be in a private space. We knew has address was 24.*.*.* to the world.
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline