mailing list archives
Re: Common operational misconceptions
From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Fri, 17 Feb 2012 10:11:22 +0900
Andreas Echavez wrote:
*Why disabling ICMP doesn't increase security and only hurts the web* *(path
MTU discovery, diagnostics)
That PMTUD works is a misconception.
*How NAT breaks end-to-end connectivity (fun one..., took me
hours to explain to an old boss why doing NAT at the ISP level
was horrendously wrong)
That's another misconception.
While NAT breaks the end to end connectivity, it can be
restored by end systems by reversing translations by NAT,
if proper information on the translations are obtained
through some protocol such as UPnP.