If it hides the IP address of your fridge, wouldn't that impair anyone from
drinking your milk?
it also impairs *you* from drinking your milk from another part of the
network, even if you have a milk transfer protocol (MTP) client on your
PDA :)
or even if you're in the same room as the fridge but your PDA's network
connection is through a wide area wireless network rather than the house
LAN.
If access to the resource is blocked using NAT, then isn't that aspect
of security inherent to NAT?
two things:
1. NAT blocks all external access even though you typically want to allow
some kinds of external access. that's not good security because it's
too coarse-grained.
2. the fact that NAT blocks external access doesn't justify NAT.
if you want to block all external access, you can do this more
easily (and more reliably) without NAT.
Keith