[75251] in North American Network Operators' Group
Re: Important IPv6 Policy Issue -- Your Input Requested
daemon@ATHENA.MIT.EDU (James)
Tue Nov 9 15:25:16 2004
Date: Tue, 9 Nov 2004 15:24:50 -0500
From: James <haesu@towardex.com>
To: Jerry Eyers <jeyers@sloancc.net>
Cc: bsdusr@gmail.com, "nanog@merit.edu" <nanog@merit.edu>
In-Reply-To: <4191CDFB.00000B.01076@11IBM27>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, Nov 10, 2004 at 03:14:51AM -0500, Jerry Eyers wrote:
> "Get a firewall" is not a valid response when you have lusers
> to drop the latest netgear whatever onto their PC and dial
> to some provider somewhere. Your firewall is useless to
> protect that segment. In many cases NAT is the ONLY
> protection you end up with in this scenario, a scenario that
> is far to common in the corporate world.
>
> Jerry
Then get a stateful firewall. NAT == stateful fw + header map/mod
done/done.
-J
--
James Jun TowardEX Technologies, Inc.
Technical Lead IPv4 and Native IPv6 Colocation, Bandwidth,
james@towardex.com and Web Hosting Services in the Metro Boston area
cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net
