[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Common operational misconceptions

Subject: Common operational misconceptions
From: marka at isc.org (Mark Andrews)
Date: Mon, 20 Feb 2012 12:21:44 +1100
In-reply-to: Your message of "Sun, 19 Feb 2012 19:07:32 MDT." <[email protected]>
References: <[email protected]>

In message <201202200107.q1K17W5l000294 at aurora.sol.net>, Joe Greco writes:
> > > I have running code to make the reverse translations, with
> > > which protocols such as ftp with PORT commands are working.
> > 
> > No, I think you do not understand...
> > 
> > I have a NAT gateway with a single public address.
> > 
> > I have 15 FTP servers and 22 web servers behind it.
> > 
> > I want people to be able to go to ftp://<hostname> and/or =
> > http://<hostname> for each of them.
> 
> Owen,
> 
> Your suggestion here would set many "security experts" heads on fire.
> 
> Whatever will they do when NAT doesn't make such things virtually
> impossible?
> 
> :-)

Time to write "How to use SRV with FTP".  CGN is going to push
the extension of a whole lot of protocols.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

Follow-Ups:
- Common operational misconceptions
  - From: owen at delong.com (Owen DeLong)

References:
- Common operational misconceptions
  - From: jgreco at ns.sol.net (Joe Greco)

Prev by Date: facebook.com DNS not found 20120218 2125 UTC
Next by Date: Common operational misconceptions
Previous by thread: Common operational misconceptions
Next by thread: Common operational misconceptions
Index(es):
- Date
- Thread