Home page logo

nanog logo nanog mailing list archives

Re: Where NAT disenfranchises the end-user ...
From: Scott Gifford <sgifford () tir com>
Date: 10 Sep 2001 13:39:04 -0400

Randy Bush <randy () psg com> writes:

Not exactly, in your scenario you are counting on the firewall to block
hostile traffic destined for some ips.  If they are Natted, it is more
work to compromise those stations.

and if you change your name you are less likely to be mugged.

I think that most of this discussion has been about not just straight
address translation, but NAT with port translation.  If you're using
address and port translation, the analogy goes more like "if you never
leave the house, but instead go through the same motions while sitting
in your house, while a robot performs your actions out in the real
world, you are less likely to be mugged."  Which is true, if somewhat
of a dull existence...


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]