[97202] in North American Network Operators' Group
Re: Security gain from NAT (was: Re: Cool IPv6 Stuff)
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Mon Jun 4 15:05:47 2007
To: Jim Shankland <nanog@shankland.org>
Cc: Owen DeLong <owen@delong.com>, NANOG list <nanog@nanog.org>
In-Reply-To: Your message of "Mon, 04 Jun 2007 11:32:39 PDT."
<E1HvHM7-0007vr-6F@mail.shankland.org>
From: Valdis.Kletnieks@vt.edu
Date: Mon, 04 Jun 2007 14:54:01 -0400
Errors-To: owner-nanog@merit.edu
--==_Exmh_1180983241_7893P
Content-Type: text/plain; charset=us-ascii
On Mon, 04 Jun 2007 11:32:39 PDT, Jim Shankland said:
> *No* security gain? No protection against port scans from Bucharest?
> No protection for a machine that is used in practice only on the
> local, office LAN? Or to access a single, corporate Web site?
Nope. Zip. Zero. Ziltch. Nothing over and above what a good properly
configured stateful *non*-NAT firewall should be doing for you already.
--==_Exmh_1180983241_7893P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFGZF/IcC3lWbTT17ARAqM6AKCa2TwXGX1i9s8Qk/ANuah4l/NyYACfViNF
FsFF0SHQkaEle+4/7MRhu6I=
=UoR6
-----END PGP SIGNATURE-----
--==_Exmh_1180983241_7893P--
