ietf
[Top] [All Lists]

Re: myth of the great transition (was US Defense Department forma lly adopts IPv6)

2003-06-18 11:14:21
NAT is a denial of service attack, not a means of policy enforcement.

I don't think this is really accurate.

The difference between denial of service and policy enforcement
is primarily a question of authorization. Since the people who
install NAT generally own the networks in question, characterizing
NAT as a DoS attack doesn't really seem right.

people who run virus-laden programs are doing so because they want the
advertised functionality of that program, not because they want to infect
their systems or spread the virus.   people who use Microsoft mail readers do
so because they want to read mail, not because they want to expose their
systems to attack.

similarly, people who install NAT usually don't realize how much this
costs them in lost functionality and reliability.

perhaps DoS isn't quite the right term, but it's not far off.




<Prev in Thread] Current Thread [Next in Thread>