FW: Worms versus Bots

Michael.Dillon at radianz.com Michael.Dillon at radianz.com
Wed May 5 09:14:37 UTC 2004

> (To deflect the inevitable "NAT is not a firewall" complaints, the box 
is a 
> stateful inspection firewall -- as all NAT boxes actually are). 

Hmmm, are you saying that the solution to many so-called
Internet security vulnerabilities is for people to
use an SI Firewall, aka Simple, Inexpensive Firewall,
aka Stateful Inspection Firewall?

One wonders why the DSL/cable router manufacturers
haven't caught on to this idea before now.

If the goal is to actually change people's 
behavior and get them to secure their own computers 
then a name change like SI Firewall is actually an
important tool. There is a lot of bad press out there
for NAT and I wouldn't be surprised if a lot of the
amateur technicians of the world are advising their 
clueless friends not to use it. But if ISPs would
promote the use of an SI Firewall (Simple, Inexpensive
Firewall) to their customers then perhaps we can get
more uptake and an overall improvement in security
without fussing around with frenzied patching sessions.

--Michael Dillon

More information about the NANOG mailing list