nanog mailing list archives

Re: Is NAT can provide some kind of protection?

From: Jack Bates <jbates () brightok net>
Date: Wed, 12 Jan 2011 12:03:29 -0600

On 1/12/2011 11:57 AM, Steven Kurylo wrote:

Some benefit?  Yes.  Enough benefit to be worth the trouble?  I
personally am not convinced.

Some people believe it is. Who am I to tell them how to run theirnetwork? They block facebook and yahoo. I, unfortunately, can't. :)

Considering the amount of people who mistake the amount of security
NAT provides, we're probably better off without it to remove that
false sense of security.

People will then have a false sense of security with stateful firewallsthat perform no better than NAT, just without the address translation.The type of stateful firewall with or without address translation willnot suddenly make people become wiser and implement better securitypolicies. Vendors will always make a cheap setup which people will useand consider themselves secure.


Jack

Current thread:

Re: Is NAT can provide some kind of protection?, (continued)
- - - Re: Is NAT can provide some kind of protection? Greg Ihnen (Jan 12)
  - Re: Is NAT can provide some kind of protection? Loránd Jakab (Jan 12)
    - Re: Is NAT can provide some kind of protection? Valdis . Kletnieks (Jan 12)
- RE: Is NAT can provide some kind of protection? George Bonser (Jan 12)
  - Re: Is NAT can provide some kind of protection? Fernando Gont (Jan 12)
    - RE: Is NAT can provide some kind of protection? George Bonser (Jan 12)
    - Re: Is NAT can provide some kind of protection? Jack Bates (Jan 12)
    - RE: Is NAT can provide some kind of protection? George Bonser (Jan 12)
    - Re: Is NAT can provide some kind of protection? Jack Bates (Jan 12)
    - Re: Is NAT can provide some kind of protection? Steven Kurylo (Jan 12)
    - Re: Is NAT can provide some kind of protection? Jack Bates (Jan 12)
    - Re: Is NAT can provide some kind of protection? Owen DeLong (Jan 12)
    - Re: Is NAT can provide some kind of protection? Jack Bates (Jan 12)
    - Re: Is NAT can provide some kind of protection? Brian Keefer (Jan 15)
    - Re: Is NAT can provide some kind of protection? William Herrin (Jan 15)
    - Re: Is NAT can provide some kind of protection? Owen DeLong (Jan 15)
    - Re: Is NAT can provide some kind of protection? Brandon Ross (Jan 15)
    - Re: Is NAT can provide some kind of protection? Owen DeLong (Jan 15)
    - Re: Is NAT can provide some kind of protection? Brandon Ross (Jan 15)
    - Re: Is NAT can provide some kind of protection? Douglas Otis (Jan 15)
    - Re: Is NAT can provide some kind of protection? Matthew Palmer (Jan 15)

(Thread continues...)