NAT Security Concerns

GoneShootin

Just wondering what security issues would be surrounding the use of NAT. Just for testing purposes I have my home machine running apache and I can connect to it from work thru my router at home. Happy days.

So what can be done to beef up the security of that connection - especially if I run a mysql db on the home machine. How open to attack am I with *just* Norton Internet Security running on the "server" (home) pc.

/edit

just noticed the security forum - mod feel free to delete this thread....

liamo

You misunderstand the role of NAT in your network. NAT permits multiple outbound connections through a network device with a single public IP.

Setting up your router to forward http requests to your web server is called Port Forwarding.

As far as security is concerned :

If you're making services available from a Windows server, make absolutely sure that you're completely up to date with your patches.

Only forward those ports that are necessary. That is, the more services you make available to the world, the more avenues of attack you're opening.

You'll need to do a bit of reading on how to secure your website - I assume that
with Apache and MySQL you'll also be adding PHP to the mix ? You'll need to read up on how to develop secure code. Or at least, how not to open up gaping holes.

Read up on security in general. If you're going to make services available to the world then you need to develop a security frame of mind and be aware that your server will be probed by worms and bots, what your vulnerabilities are and how best to close them off.

Regards,

Liam

GoneShootin

Cheers liamo. Some good advice there.