[33142] in North American Network Operators' Group
RE: RFC1918 addresses to permit in for VPN?
daemon@ATHENA.MIT.EDU (Randy Bush)
Sun Dec 31 15:42:46 2000
From: Randy Bush <randy@psg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
To: "Derek J. Balling" <dredd@megacity.org>
Cc: nanog@merit.edu
Message-Id: <E14CpHe-0001tW-00@rip.psg.com>
Date: Sun, 31 Dec 2000 12:40:50 -0800
Errors-To: owner-nanog-outgoing@merit.edu
>>> That makes perfect sense to me...there is not a better way to protect a
>>> box from a DOS/hack than to only give it a private address.
>> this is a common fantasy. changing the its license place does not change
>> the vulnerability of your car to an accident.
> No, but putting your car on a private road that you need to circumvent
> several roadblocks to reach IS a pretty good deterrent to its being in an
> accident.
that's called a firewall, or in the extreme a disconnected network, not nat.
randy
