Re: Ok; let's have the "Does DNAT contribute to Security" argument one more time...

["Michael Painter" <tvhawaii () shaka com>]

Jay Ashworth wrote:
> ----- Original Message -----
> > From: "Valdis Kletnieks" <Valdis.Kletnieks () vt edu>
>
> > > On the other hand, since a firewall's job is to stop packets you
> > > don't want,
> >
> > One of Marcus Ranum's "5 Stupidest Security Blunders" - "enumerating
> > badness".
> > A firewall's job isn't to stop unwanted packets, it's to pass only
> > wanted packets.
>
> From 30,000ft those are equivalent.


Speaking of 30,000 ft., saw this on Dave Farber's IP list:

https://plus.google.com/u/0/110897184785831382163/posts/5qsNxFEaiML