nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPv6 - real vs theoretical problems

From: William Herrin <bill () herrin us>
Date: Fri, 7 Jan 2011 20:54:07 -0500
On Fri, Jan 7, 2011 at 8:02 PM, Dobbins, Roland <rdobbins () arbor net> wrote:

NAT has no inherent security benefits whatsoever.


Hi Roland,

With that statement, you paint with a remarkably broad brush. As you
know, folks use (or perhaps misuse) the term "NAT" to describe
everything from RFC 1631 to so-called "transparent proxies" which are
basically bastion hosts with some fancy behavior on the interior
interface. I presume you don't intend us to conclude that a bastion
host firewall provides no security benefit to the equipment it
protects. Would you care to clarify which of that range of
technologies you consider to serve no security function?

Regards,
Bill Herrin


-- 
William D. Herrin ................ herrin () dirtside comĀ  bill () herrin us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
Previous By Date Next
Previous By Thread Next

Current thread: