[136432] in North American Network Operators' Group
Re: quietly....
daemon@ATHENA.MIT.EDU (Nicholas Suan)
Thu Feb 3 01:24:21 2011
In-Reply-To: <1899106.4313.1296710323930.JavaMail.root@benjamin.baylink.com>
Date: Thu, 3 Feb 2011 01:24:16 -0500
From: Nicholas Suan <nsuan@nonexiste.net>
To: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Thu, Feb 3, 2011 at 12:18 AM, Jay Ashworth <jra@baylink.com> wrote:
> Complexity of the configuration vastly increases the size of the
> attack surface: in a NATted edge network, *no packets can come in
> unless I explicitly configure for them*; there are any number of
> reasons why an equivalently simply assertion cannot be made concerning
> the configuration of firewalls, of whatever type or construction.
>
I've always wondered how many consumer routers aren't actually
