nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Security gain from NAT (was: Re: Cool IPv6 Stuff)

From: Donald Stahl <don () calis blacksun org>
Date: Mon, 4 Jun 2007 20:56:40 -0400 (EDT)


Surely that second quote should be "crap, now macrumors can tell that one
person in our office follows them obsessively"?  Unless there's
publically-available information that indicates that IP address is your
CEO's (which is a whole other topic -- publically available rDNS for
company-internal IPv6 ranges).
In addition, IPv6 supports temporary addresses that can change every day. If your browser binds to a temporary address, and it changes daily, then the anonymizing feature of NAT becomes a whole lot less useful. 


NAT is still evil though, the problems it causes operationally are
just plain not worth it.

Amen to that.

I think evil sums up NAT nicely :)

-Don
Previous By Date Next
Previous By Thread Next

Current thread: