Home page logo

nanog logo nanog mailing list archives

Re: Where NAT disenfranchises the end-user ...
From: Charles Sprickman <spork () inch com>
Date: Fri, 7 Sep 2001 00:16:06 -0400 (EDT)

On Thu, 6 Sep 2001, Roeland Meyer wrote:

Hello all,

To be honest, even though I've used NAT myself and have implemented NAT for
friends and clients, I would NEVER represent that a NAT'd address has the
full connectivity to the Internet that a static address does.

True...  neither does a well-firewalled LAN.

NAT has it's place, and we have many happy customers that are quite
pleased with their NAT'd connections; some simple, some fancy.

What irks me more than NAT are crappy protocols like FTP and H.323 that
make too many assumptions about how much of my machine I am willing to
expose in order to communicate using these protocols.  I particularly
detest any software that is not content to let the far end figure out
the source address of a packet.

NAT and firewalls have a way of showing you how poorly designed these
protocols are.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]