nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Is NAT can provide some kind of protection?

From: Owen DeLong <owen () delong com>
Date: Sat, 15 Jan 2011 09:06:27 -0800

On Jan 15, 2011, at 6:01 AM, Joel Jaeggli wrote:


On 1/15/11 1:24 PM, Leen Besselink wrote:


I'm a full supported for getting rid of NAT when deploying IPv6, but
have to say the alternative is not all that great either.

Because what do people want, they want privacy, so they use the
IPv6 privacy extensions. Which are enabled by default on Windows
when IPv6 is used on XP, Vista and 7.


There aren't enough hosts on most subnets that privacy extensions
actually buy you that much. sort of like have a bunch of hosts behind a
single ip, a bunch of hosts behind a single /64 aren't really insured
much in the way of privacy, facebook is going to know that it's you.


Privacy extensions aren't intended to hide the location of the transaction.
They are intended to prevent a given MAC address from being tracked
across a variety of networks. All that they really solve is the problem
of "I disabled my cookies, but, the website still knows who I am no matter
where I go."

Owen
Previous By Date Next
Previous By Thread Next

Current thread: