On 7 Jul, 2005, at 21:10, Steven M. Bellovin wrote: > Real firewalls pass inbound traffic because a > state table entry exists. NATs do the same thing, with nasty > side-effects. There is no added security from the header-mangling. > To which Len Bosak quipped a few years ago: "If you don't know its name, you can't curse it". Sean.