Home page logo

nanog logo nanog mailing list archives

Re: Common operational misconceptions
From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Fri, 17 Feb 2012 10:11:22 +0900

Andreas Echavez wrote:

*Why disabling ICMP doesn't increase security and only hurts the web* *(path
MTU discovery, diagnostics)

That PMTUD works is a misconception.

*How NAT breaks end-to-end connectivity (fun one..., took me
 hours to explain to an old boss why doing NAT at the ISP level
 was horrendously wrong)

That's another misconception.

While NAT breaks the end to end connectivity, it can be
restored by end systems by reversing translations by NAT,
if proper information on the translations are obtained
through some protocol such as UPnP.

                                        Masataka Ohta

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]