[111650] in North American Network Operators' Group
RE: v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
daemon@ATHENA.MIT.EDU (TJ)
Mon Feb 9 21:28:12 2009
From: "TJ" <trejrco@gmail.com>
To: <nanog@merit.edu>
In-Reply-To: <20090209211940.3f424c30@milhouse.peachfamily.net>
Date: Mon, 9 Feb 2009 21:27:59 -0500
Errors-To: nanog-bounces@nanog.org
>> > The SOX auditor ought to know better. Any auditor that
>> > requires NAT is incompenent.
>>
>> Sadly, there are many audit REQUIREMENTS explicitly naming NAT and
>> RFC1918 addressing ...
>
>SOX auditors are incompetent. I've been asked about anti-virus software on
>UNIX servers and then asked to prove that they run UNIX.........
Fair enough, but my point was that it isn't the auditors' faults in _all_
cases.
When the compliance explicitly requires something they are required to check
for it, they don't have the option of ignoring or waving requirements ...
and off the top of my head I don't recall if it is SOX that calls for
RFC1918 explicitly but I know there are some that do.
