Search RPD Archives
[rpd] Factors affecting in-region utilization - way forward?
Noah Maina
mainanoa at gmail.com
Sun Jul 20 18:32:12 UTC 2014
On 20 Jul 2014 21:17, "Owen DeLong" <owen at delong.com> wrote:
>
> > As much as I discourage the use of NAT in networks, I believe address
translation has its niche in the ecosystem. Its has played a key role in
scaling a system that was born over 30 years ago.
>
> No question NAT _WAS_ a useful Some are even so completely and
thoroughly confused as to think that NAT is not harmful to security. Some
go so far as to vehemently and religiously insist that it improves security.
LoL...I was arguing the same 2 days ago...how the heck does NAT improve
security. If one wants to attack a web server for instance, they could do
it from an application level (layer 7)...in fact most publicly accessible
application which are natively using seated rfc1918 addresses and are
seated behind some perimeter fw are still port mapped to some public IP
lol...and those who were affected by heart-bleed never saw that coming..did
they?
NAT ain't defence ever!
>
> Owen
Noah _______________________________________________
> rpd mailing list
> rpd at afrinic.net
> https://lists.afrinic.net/mailman/listinfo.cgi/rpd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20140720/89d04667/attachment.html>
More information about the RPD
mailing list