North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: State Super-DMCA Too True

  • From: todd glassey
  • Date: Mon Mar 31 12:53:26 2003

How about this - The issue is really one of the commission
of fraud and preventing it. So is NAT really an issue? I
think not. I think it may be part of the legislation but
that is because that the writers didn't have our input...

So if you as an ISP have a good operating process model and
you log and sort your log data. What is the difference
between a log that shows a bunch of stuff moving to a DHCP
lease that was assigned to "xxx-yyyy" at "zz:zz" time on
"dd-mm-yyyy" day. And that this lease was issued to account
"blah" - then you have the most evidence that is available
over a TCP connection anyway. And its as good as the
testimony of the logs regarding that there was only one
address at the end of that pipe serviced.

What I am saying is that any legislation preventing NAT is
ludicrous and in fact counter productive. What it needs to
be is legislation regarding how well ISP's have to audit
what their customers do. That's it. Nothing more.

Look - what is the difference between the log data shown in
a scenario where I don't use NAT but instead use Microsoft's
Internet Sharing Feature in the  Win2000 Servers? the answer
is simple. Poof NAT gateway. And so now it is illegal to use
a facility already distributed in every copy of MS Server
deployed in these states....

Look what this law-shtick is all about is the mandating that
ISP's know what their customers are doing data wise, on
their wires (the ISP's) and that's it.

Todd Glassey

-----Original Message-----
From: [email protected] [mailto:[email protected]]On
Behalf Of
Robert A. Hayden
Sent: Sunday, March 30, 2003 7:34 AM
To: [email protected]
Subject: Re: State Super-DMCA Too True



Can't NAT-like devices be just as viable as a security
device as well?
Is the ISP willing to take responsiblity for security
breaches on my home
network because they banned my firewall?  From a
political/public-perception standpoint, treat those ISPs
that are
complaining about NAT as being soft on security and
encouraging hacking.
In todays paranoid political climate, there might even be
some milage
here.

I have Charter pipeline in Madison, WI, and they've been
very open about
people using NAT devices to the point that they are
recommended in some
cases as security devices as well as being sold by Charter's
professional-services group as inexpensive firewalls.  About
six months
ago I got a 1-page flier from Charter offering a 4-port
Linksys and an
on-site installation.

Since a "NAT device" could include virtually any operating
system and any
PC with two or more ethernet ports, it might be better to
push the
"firewall" aspects  of them rather than try to defend or
justify the
MANY-to-1 routing aspects of NAT.