|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Security gain from NAT (was: Re: Cool IPv6 Stuff)
[email protected] writes: > Let's not forget all the NAT boxes out there that are *perfectly* > willing to let a system make an *outbound* connection. So the user > makes a first outbound connection to visit a web page, gets exploited, > and the exploit then phones home to download more malware. > > Yeah, that NAT *should* be providing security, but as you point out, > there's that big gap between should and is... :) I will happily (well ...) further concede that NAT does not provide *absolute* security. Let me be the first to mention that NAT provides precisely zero protection against: "Hey, kids, just download and run this .EXE to see a cute cartoon of Santa dancing with a polar bear" :-). Jim
|