[LINK] www.ipv6.org.au/summit
Kim Holburn
kim.holburn at gmail.com
Sun Aug 31 16:40:21 AEST 2008
On 2008/Aug/31, at 5:34 AM, Karl Auer wrote:
> On Sun, 2008-08-31 at 10:37 +0800, Adrian Chadd wrote:
>>> filtering. "Allow established back, block everything else". NAT is
>>> not
>>> needed.
>>
>> Stateless packet filtering won't work in every instance.
>
> No, of course not, But it's pretty much all you get from NAT, as a
> side
> effect of how it works. I'm not sure if you're agreeing with me here,
> making an additional point, or something else. You're not saying, are
> you, that the average NAT device has anything approaching reasonable
> stateful packet filtering?
I'm not sure I agree with this. Stateless NAT is a pretty broken kind
of thing. I doubt whether it'd be a lot of use for much, not even a
home network with more than one computer. Most commodity routers I've
come across run linux and why would you bother with a broken
implememtation of NAT when you have a stateful router?
>> Sorry, the 90's called, they want their sensible protocol designers
>> back.
>
> Indeed. NAT pretty much killed sensible application protocol design,
> because it (of necessity) took away end-to-end transparency.
>
> Regards, K.
>
> --
> ~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Karl Auer (kauer at biplane.com.au) +61-2-64957160 (h)
> http://www.biplane.com.au/~kauer/ +61-428-957160
> (mob)
>
> GPG fingerprint: DD23 0DF3 2260 3060 7FEC 5CA8 1AF6 D9E3 CFEE 6B28
> Public key at : random.sks.keyserver.penguin.de
>
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
--
Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294 M: +39 3494957443
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
Democracy imposed from without is the severest form of tyranny.
-- Lloyd Biggle, Jr. Analog, Apr 1961
More information about the Link
mailing list