John John - MVP wrote:
> I think that your assessment of how easily NAT can be broken is
> overblown, consider this, if your firewall tests can't make it through
> your NAT box it isn't as flimsy as you make it out to be!

You are missing the point. The firewall test sites that don't shoot
through NAT do not tag the secondary off internet address on to
their attack packets. In those tests, everything comes back perfect
because they are being rejected by the router.

Now if the test site took your secondary off Internet address from
your initial SYN packet to log into their site and probed you, the
router would pass their probes right through.


> If anyone is
> that worried they can put their private IP address in the Class A range
> and give the hackers a "few" more doors to knock on. But I do have to
> agree with you that you get what you pay for and that a $15 router may
> not be the best thing to have between your network and the internet!
>
> John

Best Buy is ready and waiting for the $15.00 crowd: their Geek Squid
will happily wipe your hard drive clean and reinstall windows for you!