nanog mailing list archives
Re: Arguing against using public IP space
From: "McCall, Gabriel" <Gabriel.McCall () thyssenkrupp com>
Date: Sun, 13 Nov 2011 18:12:19 -0500
Google for "NAT is not a security feature" and review all the discussions and unnecessary panic over a lack of NAT support in IPv6. If your SCADA network can reach the public internet then your security is only as good as your firewall, whether you NAT or not. If your SCADA network is completely isolated then it doesn't make a bit of difference what addresses you use. -----Original message----- From: Jason Lewis <jlewis () packetnexus com> To: "nanog () nanog org" <nanog () nanog org> Sent: Sun, Nov 13, 2011 15:36:43 GMT+00:00 Subject: Arguing against using public IP space I don't want to start a flame war, but this article seems flawed to me. It seems an IP is an IP. http://www.redtigersecurity.com/security-briefings/2011/9/16/scada-vendors-use-public-routable-ip-addresses-by-default.html I think I could announce private IP space, so doesn't that make this argument invalid? I've always looked at private IP space as more of a resource and management choice and not a security feature.
Current thread:
- Re: Arguing against using public IP space, (continued)
- Re: Arguing against using public IP space Brett Frankenberger (Nov 13)
- Re: Arguing against using public IP space Jay Ashworth (Nov 13)
- Re: Arguing against using public IP space Joe Greco (Nov 13)
- Re: Arguing against using public IP space Joel jaeggli (Nov 13)
- Re: Arguing against using public IP space Joe Greco (Nov 14)
- Re: Arguing against using public IP space Dobbins, Roland (Nov 13)
- Re: Arguing against using public IP space Joe Greco (Nov 14)
- Re: Arguing against using public IP space Valdis . Kletnieks (Nov 13)
- Re: Arguing against using public IP space Jason Lewis (Nov 13)