[97235] in North American Network Operators' Group
Re: Security gain from NAT
daemon@ATHENA.MIT.EDU (Donald Stahl)
Mon Jun 4 19:53:54 2007
Date: Mon, 4 Jun 2007 19:34:32 -0400 (EDT)
From: Donald Stahl <don@calis.blacksun.org>
To: "Richard P. Welty" <rwelty@averillpark.net>
Cc: NANOG list <nanog@nanog.org>
In-Reply-To: <46648D03.4030005@averillpark.net>
Errors-To: owner-nanog@merit.edu
>> But NAT *requires* stateful inspection;
> No, NAT does not require this.
In the context of this discussion it does.
> Port NAT mapping one IP to many does, but there are other
> kinds of NAT.
This is exactly the NAT that is being spoken of though.
> this lack of precision can lead to nasty results when
> clueless middle managers demand things they don't understand
> (which is, after all, the way of clueless middle managers.) the
> technically minded of us can at least not aggravate the situation
> by being sloppy with our use of language.
I find it doubtful that clueless middle manager types read NANOG but your
concerns are obviously valid- who knows what someone is going to stumble
upon when reading the archives.
I suspect everyone in this thread is completely aware of the
differences however.
-Don
