[57172] in North American Network Operators' Group
RE: State Super-DMCA Too True
daemon@ATHENA.MIT.EDU (McBurnett, Jim)
Sun Mar 30 17:19:48 2003
Date: Sun, 30 Mar 2003 17:18:42 -0500
From: "McBurnett, Jim" <jmcburnett@msmgmt.com>
To: "E.B. Dreger" <eddy+public+spam@noc.everquick.net>,
<nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
maybe I should have said Stateful inspection..
IE inspection of SMTP whereas it limits the commands
that are allowed and makes protocol adjustments.
thanks,
J
> -----Original Message-----
> From: E.B. Dreger [mailto:eddy+public+spam@noc.everquick.net]
> Sent: Sunday, March 30, 2003 5:11 PM
> To: nanog@merit.edu
> Subject: RE: State Super-DMCA Too True=20
>=20
>=20
>=20
> JM> Date: Sun, 30 Mar 2003 10:34:28 -0500
> JM> From: "McBurnett, Jim"
>=20
>=20
> JM> NAT-- HMMM - In my eyes that is a security precaution for the
> JM> ignorant.. Think of this: Joe user goes to Wally World, or
> JM> Staples and get's a Linksys BEFSR11 cable/dsl router. He adds
> JM> NAT, and walla, his computer is no longer wide open to the
> JM> world... Albeit not a stateful firewall, it is much more
>=20
> Actually, it _is_ stateful. It tracks state so it knows what
> inbound traffic is directed to what IP:port on the inside, or
> dropped if no match is found.
>=20
> Run 1:1 NAT and see how secure that is. Run a "public" IP
> address with stateful rules that drop inbound traffic unless
> outbound traffic happened "recently". Compare.
>=20
> NAT's "security" is a by-product of state that is necessary to
> achieve 1:N mapping.
>=20
>=20
> Eddy
> --
> Brotsman & Dreger, Inc. - EverQuick Internet Division
> Bandwidth, consulting, e-commerce, hosting, and network building
> Phone: +1 (785) 865-5885 Lawrence and [inter]national
> Phone: +1 (316) 794-8922 Wichita
>=20
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
> From: A Trap <blacklist@brics.com>
> To: blacklist@brics.com
> Subject: Please ignore this portion of my mail signature.
>=20
> These last few lines are a trap for address-harvesting spambots.
> Do NOT send mail to <blacklist@brics.com>, or you are likely to
> be blocked.
>=20
>=20
