nanog mailing list archives
Re: Addressing plan exercise for our IPv6 course
From: Jens Link <lists () quux de>
Date: Fri, 23 Jul 2010 11:50:02 +0200
Owen DeLong <owen () delong com> writes:
In all reality: 1. NAT has nothing to do with security. Stateful inspection provides security, NAT just mangles addresses.
You know that, I know that and (hopefully) all people on this list know that. But NAT == security was and still is sold by many people.
Most customers don't know or care what NAT is and wouldn't know the difference between a NAT firewall and a stateful inspection firewall.
I Agree. But there are also many people who want to believe in NAT as security feature. After one of my talks about IPv6 the firewall admins of a company said something like: "So we can't use NAT as an excuse anymore and have to configure firewall rules? We don't want this." cheers Jens -- ------------------------------------------------------------------------- | Foelderichstr. 40 | 13595 Berlin, Germany | +49-151-18721264 | | http://blog.quux.de | jabber: jenslink () guug de | ------------------- | -------------------------------------------------------------------------
Current thread:
- Re: Addressing plan exercise for our IPv6 course, (continued)
- Re: Addressing plan exercise for our IPv6 course Antonio M. Moreiras (Jul 21)
- Re: Addressing plan exercise for our IPv6 course Alex Band (Jul 22)
- Re: Addressing plan exercise for our IPv6 course Matthew Walster (Jul 22)
- Re: Addressing plan exercise for our IPv6 course Valdis . Kletnieks (Jul 22)
- Re: Addressing plan exercise for our IPv6 course Matthew Kaufman (Jul 22)
- Re: Addressing plan exercise for our IPv6 course Owen DeLong (Jul 22)
- Re: Addressing plan exercise for our IPv6 course Akyol, Bora A (Jul 22)
- Re: Addressing plan exercise for our IPv6 course Mark Smith (Jul 22)
- RE: Addressing plan exercise for our IPv6 course Frank Bulk - iName.com (Jul 22)
- Re: Addressing plan exercise for our IPv6 course Owen DeLong (Jul 22)
- Re: Addressing plan exercise for our IPv6 course Jens Link (Jul 23)
- Re: Addressing plan exercise for our IPv6 course Owen DeLong (Jul 23)
- Re: Addressing plan exercise for our IPv6 course Jens Link (Jul 25)
- Re: Addressing plan exercise for our IPv6 course Matthew Palmer (Jul 25)
- Re: Addressing plan exercise for our IPv6 course Antonio M. Moreiras (Jul 21)
- Re: Addressing plan exercise for our IPv6 course Akyol, Bora A (Jul 27)
- Re: Addressing plan exercise for our IPv6 course Owen DeLong (Jul 27)
- Re: Addressing plan exercise for our IPv6 course Mark Smith (Jul 29)
- Re: Addressing plan exercise for our IPv6 course Tim Franklin (Jul 29)
- Re: Addressing plan exercise for our IPv6 course Valdis . Kletnieks (Jul 24)
- Re: Addressing plan exercise for our IPv6 course Saku Ytti (Jul 24)
- Re: Addressing plan exercise for our IPv6 course Owen DeLong (Jul 24)