nanog mailing list archives

Re: [arin-announce] IPv4 Address Space (fwd)

From: Paul Timmins <paul () timmins net>
Date: Thu, 30 Oct 2003 09:38:53 -0500


On Thu, 2003-10-30 at 09:22, Scott McGrath wrote:

That was _exactly_ the point I was attempting to make.  If you recall
there was a case recently where a subcontractor at a power generation
facility linked their system to an isolated network which gave
unintentional global access to the isolated network.  a NAT at the
subcontrator's interface would have prevented this.


So would have a stateful firewall set to keep state, default deny
inbound.
This is how customer grade firewall products should work with NAT
disabled, although they probably don't.
-Paul

-- 
Paul Timmins <paul () timmins net>

Current thread:

Re: [arin-announce] IPv4 Address Space (fwd), (continued)
- - - Re: [arin-announce] IPv4 Address Space (fwd) Scott McGrath (Oct 29)
  - RE: [arin-announce] IPv4 Address Space (fwd) Gary Blankenship (Oct 30)
- RE: [arin-announce] IPv4 Address Space (fwd) Michel Py (Oct 29)
- Re: [arin-announce] IPv4 Address Space (fwd) Miquel van Smoorenburg (Oct 29)
  - Re: [arin-announce] IPv4 Address Space (fwd) Scott McGrath (Oct 29)
    - Re: [arin-announce] IPv4 Address Space (fwd) David Raistrick (Oct 29)
    - Re: [arin-announce] IPv4 Address Space (fwd) Jack Bates (Oct 29)
    - Re: [arin-announce] IPv4 Address Space (fwd) Crist Clark (Oct 29)
    - Re: [arin-announce] IPv4 Address Space (fwd) E.B. Dreger (Oct 30)
    - Re: [arin-announce] IPv4 Address Space (fwd) Scott McGrath (Oct 30)
    - Re: [arin-announce] IPv4 Address Space (fwd) Paul Timmins (Oct 30)
    - Re: [arin-announce] IPv4 Address Space (fwd) Scott McGrath (Oct 30)
- RE: [arin-announce] IPv4 Address Space (fwd) Kuhtz, Christian (Oct 29)
  - Re: [arin-announce] IPv4 Address Space (fwd) Leo Bicknell (Oct 29)
    - Re: [arin-announce] IPv4 Address Space (fwd) matt (Oct 29)
    - Re: [arin-announce] IPv4 Address Space (fwd) Alex Yuriev (Oct 29)
    - Re: [arin-announce] IPv4 Address Space (fwd) william (Oct 29)
    - Re: [arin-announce] IPv4 Address Space (fwd) Alex Yuriev (Oct 29)
    - Re: [arin-announce] IPv4 Address Space (fwd) matt (Oct 29)
    - traffic engineering (or lack of thereof) Alex Yuriev (Oct 30)
    - Re: [arin-announce] IPv4 Address Space (fwd) william (Oct 29)

(Thread continues...)