v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space

Chris Adams cmadams at hiwaay.net
Thu Feb 5 03:58:53 UTC 2009

Once upon a time, Roger Marquis <marquis at roble.com> said:
>  * NAT advantage #5: it does not require replacement security measures to
>  protect against netscans, portscans, broadcasts (particularly microsoft
>  netbios), and other malicious inbound traffic.

Since NAT == stateful firewall with packet mangling, it would be much
easier to drop the packet mangling and just use a stateful firewall.
You are just reinforcing the incorrect belief that "NAT == security,
no-NAT == no-security".
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

More information about the NANOG mailing list