Security gain from NAT (was: Re: Cool IPv6 Stuff)
nsuan at nonexiste.net
Tue Jun 5 13:39:58 UTC 2007
On 6/5/07, David Schwartz <davids at webmaster.com> wrote:
> Combined responses to save bandwidth and hassle (and number of times you
> have to press 'd'):
> > Just because it's behind NAT, does not mean it's unreahcable from the
> Okay, so exactly how many times do you think we have to say in this thread
> that by "NAT/PAT", we mean NAT/PAT as typically implemented in the very
> cheapest routers in their default configuration?
Even the cheapest routers have a 'DMZ' configuration option that adds
a rule that, by default, sends all the traffic to a particular host.
And using that is a fairly common solution to bypassing problems with
port forwarding and NAT.
More information about the NANOG