v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
Chris Adams
cmadams at hiwaay.net
Thu Feb 5 03:58:53 UTC 2009
Once upon a time, Roger Marquis <marquis at roble.com> said:
> * NAT advantage #5: it does not require replacement security measures to
> protect against netscans, portscans, broadcasts (particularly microsoft
> netbios), and other malicious inbound traffic.
Since NAT == stateful firewall with packet mangling, it would be much
easier to drop the packet mangling and just use a stateful firewall.
You are just reinforcing the incorrect belief that "NAT == security,
no-NAT == no-security".
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the NANOG
mailing list