Security gain from NAT (was: Re: Cool IPv6 Stuff)

• Previous message (by thread): Security gain from NAT (was: Re: Cool IPv6 Stuff)
• Next message (by thread): Security gain from NAT (was: Re: Cool IPv6 Stuff)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Valdis.Kletnieks at vt.edu writes:
> Let's not forget all the NAT boxes out there that are *perfectly*
> willing to let a system make an *outbound* connection.  So the user
> makes a first outbound connection to visit a web page, gets exploited,
> and the exploit then phones home to download more malware.
> 
> Yeah, that NAT *should* be providing security, but as you point out,
> there's that big gap between should and is... :)

I will happily (well ...) further concede that NAT does not provide
*absolute* security.  Let me be the first to mention that NAT provides
precisely zero protection against:  "Hey, kids, just download and
run this .EXE to see a cute cartoon of Santa dancing with a polar
bear" :-).

Jim

• Previous message (by thread): Security gain from NAT (was: Re: Cool IPv6 Stuff)
• Next message (by thread): Security gain from NAT (was: Re: Cool IPv6 Stuff)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]