mh (RE: OMB: IPv6 by June 2008)

Joseph S D Yao jsdy at center.osis.gov
Fri Jul 8 22:20:04 UTC 2005


On Fri, Jul 08, 2005 at 10:24:22PM +0100, Sean Doran wrote:
> On 7 Jul, 2005, at 21:10, Steven M. Bellovin wrote:
> >Real firewalls pass inbound traffic because a
> >state table entry exists.  NATs do the same thing, with nasty
> >side-effects.  There is no added security from the header-mangling.
> 
> To which Len Bosak quipped a few years ago: "If you don't know its  
> name, you can't curse it".

Sure you can.  For a human entity, get a few hairs from its head or nail
clippings.  For a network entity, get the bits of its externally visible
IP address.

-- 
Joe Yao
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.



More information about the NANOG mailing list