Reply #50: sure thing [View All]

NAT stands for Network Address Translation. In home use, you will often have a single 'routable' IP address assigned to you. If you were to hook your computer directory to the cable modem, then your computer would get this address. Instead, you have a router between your computer and the modem. The router gets that 'routable' address on its outside connection. Then on the inside (where your computer is) it will use a set of 'non-routable' IP addresses for each computer hooked up to it.

One use of this is to share that single routable address amongst several computers. Another use of it is to hide all of the computers on your network behind the router. Basically, there is no way anyone from the outside can initiate a connection directly to your computer. They can talk to your router, but your computer is hidden behind it. You can initiate a conversation from the inside, but they can not start one from the outside. That actually does an amazing amount of good in providing protection for you.

That basically answers your second question as well - chances are that you are safe behind your router. It is possible to configure a router to do "port forwarding" which would basically let people on the outside directly talk to your computer - but that would not be enabled by default. In this particular case, the attack would have to touch a remote procedure call (RPC) port on your computer, and as such it could not get through your router. Also, if you have XP service pack 2, the default settings on the windows firewall should block this type of communication.


So, the short story is if you are just on your network, behind your router, and no other computers are ever on that network, you are fine. However, the long story is that it is always best to practice 'defence-in-depth' and have multiple layers of security.

So - sorry for the long response - I have to justify all the time I spent learning this stuff somehow - but I hope that helps.