[64775] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: IPv6 NAT

daemon@ATHENA.MIT.EDU (Henry Linneweh)
Sat Nov 1 18:30:18 2003

Date: Sat, 1 Nov 2003 15:29:30 -0800 (PST)
From: Henry Linneweh <hrlinneweh@sbcglobal.net>
To: Michael.Dillon@radianz.com, nanog@merit.edu
In-Reply-To: <OF15B668A4.D1E41BAC-ON80256DD0.005CA397-80256DD0.005D601E@radianz.com>
Errors-To: owner-nanog-outgoing@merit.edu


--0-1907999492-1067729370=:64413
Content-Type: text/plain; charset=us-ascii

After having read many of these posts I realized there are chips out there now, 
oboard that do last mile protection at the gate level which eliminates any of
this and the products can come preconfigured for this or not depends on what
you want to pay for.....
 
-Henry

Michael.Dillon@radianz.com wrote:

>This does not mean we should NAT everything, since I use some of those 
>protocols. But if every Joe User had a DLink NAT box in front of his 
>Winbloze box, the Internet would be a safer place. And you know it.

You're forgetting Rob Thomas's peripatetic presentation in Chicago.
Not to mention the guy whose SSH session was outed by a keylogger.
Check http://www.safer-networking.org/ for more on spyware and
trojans. If this was the only way the black hats could wreak havoc
then we would be seeing a lot more of it.

I think that the only thing which will make the Internet a safer place
is time and hard work. We have to put in the effort to address *ALL* the
weaknesses until we've raised the bar so high that only the toughest
black hats have the time, skills and energy to break the weakest link.

--Michael Dillon

--0-1907999492-1067729370=:64413
Content-Type: text/html; charset=us-ascii

<DIV>After having read many of these posts I realized there are chips out there now, </DIV>
<DIV>oboard that do last mile protection at the gate level which eliminates any of</DIV>
<DIV>this and the products can come preconfigured for this or not depends on what</DIV>
<DIV>you want to pay for.....</DIV>
<DIV>&nbsp;</DIV>
<DIV>-Henry<BR><BR><B><I>Michael.Dillon@radianz.com</I></B> wrote:</DIV>
<BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid"><BR>&gt;This does not mean we should NAT everything, since I use some of those <BR>&gt;protocols. But if every Joe User had a DLink NAT box in front of his <BR>&gt;Winbloze box, the Internet would be a safer place. And you know it.<BR><BR>You're forgetting Rob Thomas's peripatetic presentation in Chicago.<BR>Not to mention the guy whose SSH session was outed by a keylogger.<BR>Check http://www.safer-networking.org/ for more on spyware and<BR>trojans. If this was the only way the black hats could wreak havoc<BR>then we would be seeing a lot more of it.<BR><BR>I think that the only thing which will make the Internet a safer place<BR>is time and hard work. We have to put in the effort to address *ALL* the<BR>weaknesses until we've raised the bar so high that only the toughest<BR>black hats have the time, skills and energy to break the weakest link.<BR><BR>--Michael Dillon<BR></BLOCKQUOTE>
--0-1907999492-1067729370=:64413--

home help back first fref pref prev next nref lref last post