nanog mailing list archives
Re: Security gain from NAT
From: Nathan Ward <nanog () daork net>
Date: Wed, 6 Jun 2007 17:36:55 +1200
On 6/06/2007, at 2:53 PM, Roger Marquis wrote:
So now the cruft extends and embraces, and you have to play DNS view games based on whether it's on company A's legacy net, company B's legacy net, or the DMZ in between them, and start poking around in the middle of DNS packets to tweak the replies (which sort of guarantees you can't deploy DNSSEC).<IPv4 junk>
You clearly missed the start of this conversation, and my summaries in the last couple of days, about which I am not surprised.
We were discussing IPv6, the lack of NAT was brought up as being viewed as a blocker for security reasons, and solutions were presented so that it no longer is, assuming adequate education is provided.
-- Nathan Ward
Current thread:
- Re: Security gain from NAT Roger Marquis (Jun 04)
- Re: Security gain from NAT Donald Stahl (Jun 04)
- Re: Security gain from NAT brett watson (Jun 04)
- <Possible follow-ups>
- Re: Security gain from NAT Roger Marquis (Jun 05)
- Re: Security gain from NAT Donald Stahl (Jun 05)
- Re: Security gain from NAT Donald Stahl (Jun 05)
- Re: Security gain from NAT Roger Marquis (Jun 05)
- Re: Security gain from NAT Valdis . Kletnieks (Jun 05)
- Re: Security gain from NAT Roger Marquis (Jun 05)
- Re: Security gain from NAT Bill Stewart (Jun 06)
- Re: Security gain from NAT Nathan Ward (Jun 06)
- Re: Security gain from NAT Donald Stahl (Jun 05)
- Re: Security gain from NAT Stephen Sprunk (Jun 06)
- Re: Security gain from NAT David Conrad (Jun 06)
- Re: Security gain from NAT Mark Smith (Jun 06)
- Dead Thread (Re: Security gain from NAT) alex (Jun 06)
- Re: Security gain from NAT Donald Stahl (Jun 04)
- Re: Security gain from NAT Nathan Ward (Jun 06)