Re: NATs are NOT Firewalls

ietf

Re: NATs are NOT Firewalls

2003-06-18 23:29:36

On Thu, 19 Jun 2003 00:55:49 EDT, S Woodside said:

On Wednesday, June 18, 2003, at 06:28  PM, Tomson Eric ((Yahoo.fr)) 
wrote:

Now, the fact that masking the internal addresses to the external
world - so that internal hosts can initiate traffic to the outside, 
but no
external host can initiate traffic to the inside - brings some basic
security, is an interesting corollary, but not the primary objective 
of a
NAT.


Is this just security through obscurity, or something better?


Security through obscurity.  See Bellovin's paper on enumerating through a NAT.

Steven M. Bellovin, "A Technique for Counting NATted Hosts. Proc. Second
Internet Measurement Workshop, November 2002.

http://www.research.att.com/~smb/papers/fnat.pdf  (or fnat.ps if you prefer)

pgp8YOvDUPOiz.pgp
Description: PGP signature

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), (continued) Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), Eric Rescorla Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), Michael Thomas Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), Eric Rescorla Re: myth of the great transition, S Woodside Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), Michael Thomas Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), Melinda Shore Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), Kurt Erik Lindqvist Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), S Woodside NATs are NOT Firewalls, Tomson Eric \(Yahoo.fr\) Re: NATs are NOT Firewalls, S Woodside Re: NATs are NOT Firewalls, Valdis . Kletnieks <= Re: NATs are NOT Firewalls, Daniel Senie Re: NATs are NOT Firewalls, Valdis . Kletnieks Re: NATs are NOT Firewalls, Dean Anderson Re: NATs are NOT Firewalls, S Woodside RE: myth of the great transition (was US Defense Department forma lly adopts IPv6), Putzolu, David Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), Keith Moore Re: myth of the great transition, S Woodside RE: myth of the great transition (was US Defense Department forma lly adopts IPv6), Hallam-Baker, Phillip Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), Keith Moore Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), Eric A. Hall

Previous by Date:	Re: WG review: Layer 2 Virtual Private Networks (l2vpn), Kurt Erik Lindqvist
Next by Date:	Re: myth of the great transition (was US Defense Department forma lly adopts IPv6), James Seng
Previous by Thread:	Re: NATs are NOT Firewalls, S Woodside
Next by Thread:	Re: NATs are NOT Firewalls, Daniel Senie
Indexes:	[Date] [Thread] [Top] [All Lists]