[97226] in North American Network Operators' Group
Re: Security gain from NAT
daemon@ATHENA.MIT.EDU (Edward B. DREGER)
Mon Jun 4 18:14:42 2007
Date: Mon, 4 Jun 2007 21:19:40 +0000 (GMT)
From: "Edward B. DREGER" <eddy+public+spam@noc.everquick.net>
To: NANOG list <nanog@nanog.org>
In-Reply-To: <46646663.2010900@otd.com>
Errors-To: owner-nanog@merit.edu
DI> Date: Mon, 04 Jun 2007 15:22:11 -0400
DI> From: Dave Israel
DI> So you make end devices unaddressable by normal means, and while it
DI> shouldn't give them more security, it turns out it does. No matter
DI> how much it shouldn't, and how much we wish it didn't, it does.
"Hey, this so-called 'DMZ' feature looks handy. Now I can run a server
process... and I'm protected because I'm using a private address!"
The security comes from state, full stop.
Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
________________________________________________________________________
DO NOT send mail to the following addresses:
davidc@brics.com -*- jfconmaapaq@intc.net -*- sam@everquick.net
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.
