This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Timothy_Hall
MVP Gold
MVP Gold
‎2022-01-25 07:58 AM
In response to Libor_Kovar

I suppose an argument could be made that NATting inbound traffic into a privately-addressed DMZ does provide some "security through obscurity" by hiding the server's true inside address from the outside world.  In some cases this true address will need to be known when trying certain types of exploit attempts against the server.  However there are so many ways that web servers in particular can leak their true IP address through error pages and such I'd say NATting really doesn't provide much security benefit, increases the complexity of the network slightly, and incurs some extra NAT processing on the firewall.

Gaia 4.18 (R82) Immersion Tips, Tricks, & Best Practices Video Course
Now Available at https://shadowpeak.com/gaia4-18-immersion-course

View solution in original post

(1)
Who rated this post