nanog mailing list archives

Re: Security gain from NAT (was: Re: Cool IPv6 Stuff)

From: "Nicholas Suan" <nsuan () nonexiste net>
Date: Tue, 5 Jun 2007 09:39:58 -0400


On 6/5/07, David Schwartz <davids () webmaster com> wrote:



Combined responses to save bandwidth and hassle (and number of times you
have to press 'd'):

--

> Just because it's behind NAT, does not mean it's unreahcable from the
internet:

Okay, so exactly how many times do you think we have to say in this thread
that by "NAT/PAT", we mean NAT/PAT as typically implemented in the very
cheapest routers in their default configuration?


Even the cheapest routers have a 'DMZ' configuration option that adds
a rule that, by default, sends all the traffic to a particular host.
And using that is a fairly common solution to bypassing problems with
port forwarding and NAT.

Current thread:

Re: Security gain from NAT, (continued)
- - - Re: Security gain from NAT Jason Lewis (Jun 04)
    - Re: Security gain from NAT Daniel Senie (Jun 04)
    - Re: Security gain from NAT Steven M. Bellovin (Jun 05)
    - RE: Security gain from NAT (was: Re: Cool IPv6 Stuff) David Schwartz (Jun 04)
    - RE: Security gain from NAT (was: Re: Cool IPv6 Stuff) Donald Stahl (Jun 04)
    - Re: Security gain from NAT (was: Re: Cool IPv6 Stuff) Owen DeLong (Jun 04)
    - RE: Security gain from NAT (was: Re: Cool IPv6 Stuff) David Schwartz (Jun 04)
    - Re: Security gain from NAT (was: Re: Cool IPv6 Stuff) Matthew Palmer (Jun 04)
    - RE: Security gain from NAT (was: Re: Cool IPv6 Stuff) David Schwartz (Jun 05)
    - Re: Security gain from NAT Jeff McAdams (Jun 05)
    - Re: Security gain from NAT (was: Re: Cool IPv6 Stuff) Nicholas Suan (Jun 05)
    - Re: Security gain from NAT (was: Re: Cool IPv6 Stuff) Nicholas Suan (Jun 04)
    - RE: Security gain from NAT (was: Re: Cool IPv6 Stuff) Donald Stahl (Jun 04)
    - RE: Security gain from NAT (was: Re: Cool IPv6 Stuff) Edward B. DREGER (Jun 04)
    - Re: Security gain from NAT (was: Re: Cool IPv6 Stuff) Perry Lorier (Jun 05)
    - Re: Security gain from NAT (was: Re: Cool IPv6 Stuff) James Hess (Jun 05)
    - RE: Security gain from NAT (was: Re: Cool IPv6 Stuff) michael.dillon (Jun 05)
    - Re: Security gain from NAT (was: Re: Cool IPv6 Stuff) Nathan Ward (Jun 05)
    - Re: Security gain from NAT (was: Re: Cool IPv6 Stuff) Sam Stickland (Jun 06)
    - Re: Security gain from NAT (was: Re: Cool IPv6 Stuff) Kradorex Xeron (Jun 05)
    - Re: Security gain from NAT Leigh Porter (Jun 04)

(Thread continues...)