networking

3388 readers

2 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 2 years ago

MODERATORS

manifex@sh.itjust.works

NAT vs firewall at home (programming.dev)

submitted 1 week ago by emotional_soup_88@programming.dev to c/networking@sh.itjust.works

21 comments fedilink hide all child comments

Why would I need to have software firewalls on my devices behind my NAT router at home? The topology is a basic consumer grade one: ISP -> my router (NAT) -> LAN, and vice versa.

If NAT already obfuscates my private addresses through translation, how would a potential adversary connect to anything beyond it?

What "good" would my public IP do for a hacker if I have no ports forwarded?

Is a firewall a second line of defense just in case I execute malware that starts forwarding ports?

I do have software firewalls on all my devices, but that wasn't an informed choice. I just followed the Arch Wiki's post installation guidelines.

you are viewing a single comment's thread
view the rest of the comments

[–] emotional_soup_88@programming.dev 2 points 1 week ago

Thanks for reminding me about firmware updates! I was two releases behind on my routers firmware. 😬