Keith Moore <moore(_at_)cs(_dot_)utk(_dot_)edu> writes:
If you want to address denial of service issues you need protocol
enforcement points.
NAT is a denial of service attack, not a means of policy enforcement.
I don't think this is really accurate.
The difference between denial of service and policy enforcement
is primarily a question of authorization. Since the people who
install NAT generally own the networks in question, characterizing
NAT as a DoS attack doesn't really seem right.
-Ekr
--
[Eric Rescorla ekr(_at_)rtfm(_dot_)com]
Web Log: http://www.rtfm.com/movabletype