[111387] in North American Network Operators' Group
Re: v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
daemon@ATHENA.MIT.EDU (Chris Adams)
Wed Feb 4 22:58:58 2009
Date: Wed, 4 Feb 2009 21:58:53 -0600
From: Chris Adams <cmadams@hiwaay.net>
To: nanog@nanog.org
Mail-Followup-To: Chris Adams <cmadams@hiwaay.net>, nanog@nanog.org
In-Reply-To: <20090205030522.13D152B21F3@mx5.roble.com>
Errors-To: nanog-bounces@nanog.org
Once upon a time, Roger Marquis <marquis@roble.com> said:
> * NAT advantage #5: it does not require replacement security measures to
> protect against netscans, portscans, broadcasts (particularly microsoft
> netbios), and other malicious inbound traffic.
Since NAT == stateful firewall with packet mangling, it would be much
easier to drop the packet mangling and just use a stateful firewall.
You are just reinforcing the incorrect belief that "NAT == security,
no-NAT == no-security".
--
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
