Security gain from NAT

Donald Stahl don at calis.blacksun.org
Mon Jun 4 23:34:32 UTC 2007


>> But NAT *requires* stateful inspection;
> No, NAT does not require this.
In the context of this discussion it does.

> Port NAT mapping one IP to many does, but there are other
> kinds of NAT.
This is exactly the NAT that is being spoken of though.

> this lack of precision can lead to nasty results when
> clueless middle managers demand things they don't understand
> (which is, after all, the way of clueless middle managers.) the
> technically minded of us can at least not aggravate the situation
> by being sloppy with our use of language.
I find it doubtful that clueless middle manager types read NANOG but your 
concerns are obviously valid- who knows what someone is going to stumble 
upon when reading the archives.

I suspect everyone in this thread is completely aware of the 
differences however.

-Don



More information about the NANOG mailing list