|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical [no subject]
> No, the reason we have NAT is because it's a lot easier for novice > network administrators to divvy up and route 10/8 than it is 208.x.x/20. Only for novices :-)? And what if the alternative is not a /20, but a /24, or even a /28? > There's also a general perception that NAT increases security; some > "security" companies go so far as to say NAT removes the need for a > firewall. Agreed that NAT does not remove the need for a firewall; but it *does* increase security. I have a machine behind a NAT; its IP address is 192.168.27.111. It has an open telnet port; the root password is "rutabaga". (It's on a completely different network than the one I'm sending this email from, so don't bother trying to deduce anything from the mail headers or my domain name.) I don't believe that I've just compromised its security :-). Jim Shankland
|