mh (RE: OMB: IPv6 by June 2008)

• Previous message (by thread): mh (RE: OMB: IPv6 by June 2008)
• Next message (by thread): mh (RE: OMB: IPv6 by June 2008)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 07, 2005 at 01:31:57PM -0700, Crist Clark wrote:
> And if you still want "the protection of NAT," any stateful firewall
> will do it.

That seems a common viewpoint.

I believe the very existence of the Ping Of Death rebuts it.

A machine behind a NAT box simply is not visible to the outside world,
except for the protocols you tunnel to it, if any.   This *has* to
vastly reduce it's attack exposure.

Anyone with a pointer to an *in depth* explanation somewhere of why
that assumption is invalid can mail it to me off list, and I'll shut
up.

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra at baylink.com
Designer                          Baylink                             RFC 2100
Ashworth & Associates        The Things I Think                        '87 e24
St Petersburg FL USA      http://baylink.pitas.com             +1 727 647 1274

      If you can read this... thank a system administrator.  Or two.  --me

• Previous message (by thread): mh (RE: OMB: IPv6 by June 2008)
• Next message (by thread): mh (RE: OMB: IPv6 by June 2008)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]