[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] V6 question



You may be correct, but if not for NAT windows users would have no security
at all.

On Feb 5, 2011 12:47 PM, "Michael B. Trausch" <mike at trausch.us> wrote:

On Sat, 2011-02-05 at 12:39 -0500, Mike Harrison wrote:
> It also keeps the outside world from conne...
Everyone gather round.  Say it with me:

                    NAT is not a security mechanism.

Seriously.  I mean it.

        Let me repeat that: NAT is not a security mechanism.

It was intended to enable privately addressed networks to have limited
communication with hosts on the Internet.  It has the side effect of
using tables to figure out how to rewrite packets, but this does not
provide any security.  It does not.

          One more time: NAT IS NOT A SECURITY MECHANISM.

Or to put it another way:  NAT is as effective at providing security for
your network as groping at airports is for providing security there.
It's all a show; it's faux security that makes people feel better but
does not serve any real purpose.

I've gone on about NAT recently in other threads here.  You can find
those, or you can read the post I wrote in my blog about NAT if you
want:

http://mike.trausch.us/blog/2011/01/31/more-about-networking-part-2-nat/

       --- Mike

_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20110209/7ffbd624/attachment.html