Is NAT can provide some kind of protection?

Matthew Palmer mpalmer at hezmatt.org
Sat Jan 15 18:02:07 CST 2011


On Sat, Jan 15, 2011 at 06:24:01PM -0500, Brandon Ross wrote:
> On Sat, 15 Jan 2011, Owen DeLong wrote:
>
>> I really doubt this will be the case in IPv6.
>
> I really hope you are right, because I don't want to see that either,  
> however...
>
> Why do you suppose they did that before with IPv4?  Sure you can make the 
> argument NOW that v4 is in scarce supply, but 10 years ago it was still  
> the case.

The finest raisins of all: hysterical raisins.

Widespread consumer internet access was dialup, with Trumpet or equivalent.
The concept of "home networks" was, at best, for the uber, *uber* nerds
(like most people on this list).  The idea that an average home user would
*ever* need more than one IP was ludicrous, so your basic dialup account
provided one IP (although I recall being able to ask for more, for free, if
I needed them).  Then it became a "value add" to have more than one IP, and
then NAT came along because the hackers at home had networks, and then the
hackers at home went into IT and used consumer-grade ISPs, and so they
deployed NAT in the enterprise, and then those people became the standards
writers for PCI DSS...

- Matt




More information about the NANOG mailing list