Re: Security gain from NAT

• From: Edward B. DREGER
• Date: Mon Jun 04 18:41:24 2007

DI> Date: Mon, 04 Jun 2007 15:22:11 -0400
DI> From: Dave Israel

DI> So you make end devices unaddressable by normal means, and while it
DI> shouldn't give them more security, it turns out it does.  No matter
DI> how much it shouldn't, and how much we wish it didn't, it does.

"Hey, this so-called 'DMZ' feature looks handy.  Now I can run a server
process... and I'm protected because I'm using a private address!"

The security comes from state, full stop.


Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
________________________________________________________________________
DO NOT send mail to the following addresses:
[email protected] -*- [email protected] -*- [email protected]
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.

• References:
  • Re: Cool IPv6 Stuff Owen DeLong
  • Cool IPv6 Stuff Jeroen Massar
  • Re: Cool IPv6 Stuff Jared Mauch
  • Re: Cool IPv6 Stuff Sam Stickland
  • Re: Cool IPv6 Stuff Adrian Chadd
  • Re: Cool IPv6 Stuff Joel Jaeggli
  • Security gain from NAT (was: Re: Cool IPv6 Stuff) Jim Shankland
  • Re: Security gain from NAT (was: Re: Cool IPv6 Stuff) Valdis . Kletnieks
  • Re: Security gain from NAT Dave Israel

• Prev by Date: Re: Security gain from NAT (was: Re: Cool IPv6 Stuff)
• Next by Date: RE: Security gain from NAT (was: Re: Cool IPv6 Stuff)
• Date Index
• Thread Index
• Author Index
• Historical