North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: [arin-announce] IPv4 Address Space (fwd)
On Thu, 2003-10-30 at 09:22, Scott McGrath wrote: > That was _exactly_ the point I was attempting to make. If you recall > there was a case recently where a subcontractor at a power generation > facility linked their system to an isolated network which gave > unintentional global access to the isolated network. a NAT at the > subcontrator's interface would have prevented this. So would have a stateful firewall set to keep state, default deny inbound. This is how customer grade firewall products should work with NAT disabled, although they probably don't. -Paul -- Paul Timmins <[email protected]>
|