[97200] in North American Network Operators' Group
Re: Security gain from NAT (was: Re: Cool IPv6 Stuff)
daemon@ATHENA.MIT.EDU (Joe Abley)
Mon Jun 4 14:52:14 2007
In-Reply-To: <E1HvHM7-0007vr-6F@mail.shankland.org>
Cc: Owen DeLong <owen@delong.com>, NANOG list <nanog@nanog.org>
From: Joe Abley <jabley@ca.afilias.info>
Date: Mon, 4 Jun 2007 14:47:06 -0400
To: Jim Shankland <nanog@shankland.org>
Errors-To: owner-nanog@merit.edu
On 4-Jun-2007, at 14:32, Jim Shankland wrote:
> Shall I do the experiment again where I set up a Linux box
> at an RFC1918 address, behind a NAT device, publish the root
> password of the Linux box and its RFC1918 address, and invite
> all comers to prove me wrong by showing evidence that they've
> successfully logged into the Linux box?
Perhaps you should run a corresponding experiment whereby you set up
a linux box with a globally-unique address, put it behind a firewall
which blocks all incoming traffic to that box, and issue a similar
invitation.
Do you think the results will be different?
Joe
