so cable modems do not have NAT, especially the motrola surfboard. To test it, hook a switch to the surfboard. if it doesnt connect 2 computers at the same time, then it doesnt have NAT. You can call your ISP to provide you two IP address (more money) Their NAT server will go through the modem and connect more than 1 device to the internet.

routers have NAT, cable modems do not. Most DSL modems are modem/routers, = NAT.

Are you talking about something like a DMZ? Because it's funny you mention that. I use my router's DMZ for my Playstation 2. And really, who would want to try and hack a PS2?

And speaking of D-Link. I used to have a D-Link DI-604 router. It had a DMZ but that damn thing would not function like a true DMZ. I could not host games on certain games like Call Of Duty:Finest Hour or Madden or even hook up to the host of a game at least half the time. I called their tech support and the dude I got had a middle eastern accent. Their support is probably located in India or Pakistan. :cuss: And the tech didn't even know what a DMZ is. :shake:

No, a DMZ is a sandbox that sits between the trusted network (your LAN) and the untrusted network (the Internet). It's generally used for hosts or services that need to be exposed to the outside world, but in a way that is slightly more secure (traffic still passes through a firewall).

DMZ's generally use NAT.

What he's talking about is exposing machines fully to the Internet, ie. plugging your DSL modem right into your PC with no personal firewall or anything running.

FYI for this thread:

A "modem" is a modulator/demodulator in strictest terms. It takes in a signal (analog POTS, DSL, cable) and demodulates it into another signal (USB, ethernet, etc.).

A modem is not a router or a firewall. It's really just an electrical device.

That's why Motorola designates their router SurfBoards with the "SBG" designation. "G" stands for gateway. A gateway is a device that connects two separate physical networks, using the same protocol, together. In other words, it's a router.

Since we're on the subject and I'm just curious about something. What do you guys think of a Speedstream DSL modem?

Never used one.

But keeping in mind what I just posted, it doesn't really matter what kind of modem you get as long as it's JUST a modem...

I used an Actiontec Home DSL modem for the longest time - paid $6 for it. It worked just fine connected via USB to a server running Checkpoint FW-1...

Yeah, I thought about that after I posted. I was just curious anyways. I have a Speedstream but, I didn't pay for it. SBC supplied it.

DMZ, de militarized zone.

Exposes one computer to the internet, free of firewalls, etc.

It's not just one computer necessarily. And it's not completely free of firewalls, it's just more open than the internal LAN.

with a Dlink router, its only 1 computer, by it's LAN IP. And it is free of the router's firewall.

Then it's not a true DMZ - it's doing NAT passthrough for all services.

A true DMZ is just that - a demilitarized zone. It's neither fully trusted nor full untrusted. It's afforded protection by the firewall ruleset but services are allowed through to it's hosts.

Enterprises that host their own web or mail services almost always have those servers exposed to the internet in a "DMZ". Those services are allowed through to those hosts but they're also inspected by the firewall.

For example, you may have a firewall ruleset for a web service that has 2 services associated with it - a front end web interface that customers connect to, and a back end data service that retrieves info from a SQL database.

That ruleset would contain a rule that allows, from the internet, HTTP (port 80) through to the web server and nothing else. A second rule would allow SQL (port 1453 I believe) through from the web server to the SQL server. Then a third rule would explicitly deny ALL TRAFFIC, from anywhere to the LAN.

That is the definition of a DMZ.