[sclug] Re: Firewalls
Will Dickson
wrd at glaurung.demon.co.uk
Sat Oct 25 09:05:32 UTC 2003
20/01/2003 00:10:02, "J. Mann" <jon at spinis-associates.co.uk> wrote:
>
>NAT is a hack. It is a dirty solution to a
>non trivial problem (lack of ip address space).
>
>The correct solution is to implement a fully
>routable internet, ala ipv6.
>
NAT also serves to conceal the LAN configuration /
topology from external attackers. This is potentially
useful information to an attacker, which should
therefore be denied them.
At the risk of going waaay off-topic, does anybody know
what the situation is with IPv6? It appears to have gone off
the mainstream's radar. Presumably NAT has relieved the
IP address crunch sufficiently to allow it to be held off for
a little longer.
Will.
More information about the Sclug
mailing list