nanog mailing list archives

Re: Is NAT can provide some kind of protection?

From: Owen DeLong <owen () delong com>
Date: Thu, 13 Jan 2011 12:54:15 -0800


On Jan 13, 2011, at 11:44 AM, Lamar Owen wrote:

On Wednesday, January 12, 2011 12:16:27 pm Valdis.Kletnieks () vt edu wrote:

140 million compromised PC's, most of them behind a NAT, can't be wrong. :)


How many more would there be if most PC's were not behind NAT or stateful firewalling?

Here you've hit the key... "or stateful firewalling". Stateful firewalling provides the security.
NAT just mangles the header. Overloaded NAT depends inherently on the stateful firewall
and this has lead to confusion where people don't realize that the term "NAT" is often
(mis)used to refer to the combined process.

Owen

Current thread:

Re: Is NAT can provide some kind of protection?, (continued)
- - - Re: Is NAT can provide some kind of protection? Owen DeLong (Jan 12)
    - Re: Is NAT can provide some kind of protection? David Barak (Jan 12)
    - Re: Is NAT can provide some kind of protection? Owen DeLong (Jan 12)
    - Re: Is NAT can provide some kind of protection? Jack Bates (Jan 13)
    - Re: Is NAT can provide some kind of protection? Dobbins, Roland (Jan 13)
    - Re: Is NAT can provide some kind of protection? Jack Bates (Jan 13)
    - Re: Is NAT can provide some kind of protection? William Herrin (Jan 13)
    - Re: Is NAT can provide some kind of protection? Jack Bates (Jan 13)
    - Re: Is NAT can provide some kind of protection? William Herrin (Jan 13)
    - Re: Is NAT can provide some kind of protection? Lamar Owen (Jan 13)
    - Re: Is NAT can provide some kind of protection? Owen DeLong (Jan 13)
  - Re: Is NAT can provide some kind of protection? Owen DeLong (Jan 12)
    - Re: Is NAT can provide some kind of protection? Paul Ferguson (Jan 12)
    - Re: Is NAT can provide some kind of protection? Steven Kurylo (Jan 12)
    - Re: Is NAT can provide some kind of protection? Owen DeLong (Jan 12)
    - Re: Is NAT can provide some kind of protection? Scott Helms (Jan 12)
    - Re: Is NAT can provide some kind of protection? Chris Adams (Jan 12)
    - Re: Is NAT can provide some kind of protection? Scott Helms (Jan 12)
    - Re: Is NAT can provide some kind of protection? david raistrick (Jan 12)
    - Re: Is NAT can provide some kind of protection? Jack Bates (Jan 12)
    - Re: Is NAT can provide some kind of protection? Miquel van Smoorenburg (Jan 12)

(Thread continues...)