[135042] in North American Network Operators' Group
Re: Is NAT can provide some kind of protection?
daemon@ATHENA.MIT.EDU (Owen DeLong)
Sat Jan 15 12:11:52 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <4D31A8B3.70201@bogus.com>
Date: Sat, 15 Jan 2011 09:06:27 -0800
To: Joel Jaeggli <joelja@bogus.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 15, 2011, at 6:01 AM, Joel Jaeggli wrote:
> On 1/15/11 1:24 PM, Leen Besselink wrote:
>
>> I'm a full supported for getting rid of NAT when deploying IPv6, but
>> have to say the alternative is not all that great either.
>>
>> Because what do people want, they want privacy, so they use the
>> IPv6 privacy extensions. Which are enabled by default on Windows
>> when IPv6 is used on XP, Vista and 7.
>
> There aren't enough hosts on most subnets that privacy extensions
> actually buy you that much. sort of like have a bunch of hosts behind a
> single ip, a bunch of hosts behind a single /64 aren't really insured
> much in the way of privacy, facebook is going to know that it's you.
>
Privacy extensions aren't intended to hide the location of the transaction.
They are intended to prevent a given MAC address from being tracked
across a variety of networks. All that they really solve is the problem
of "I disabled my cookies, but, the website still knows who I am no matter
where I go."
Owen
