Networking noob here. I want to prevent all incoming requests except through a specific port, and that traffic is forwarded to a specific device on the network. NAT seems to do that just fine, it’s almost like a kind of firewall by itself. What kind of threats are there that requires more than just NAT for security?

  • BaalInvokerA
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    9 months ago

    Will you let the fortune tell if your network is safe or not?

    Why don’t configure your nftables, iptables, UFW, firewalld or whatever to be redundant? It’s not like it consumes much more resources from your system

    Maybe there is an exploit to your router that enables the hacker to access your full network. Maybe there is a glitch in your router that bypass the NAT. Maybe someone can access other devices from another source rather than the router connection (for example, it connects properly into the service, but this service has a flaw that allow full control over your network).

    If a device is connect to the internet, it is somehow vulnerable. The safest machine is that one disconnected from the internet and preferably turned off.