[ale] OT move to new Colo that wants to use NAT

Jim Kinney jim.kinney at gmail.com
Mon Nov 10 11:34:38 EST 2008


I have always viewed NAT as a "Security through obscurity" TCP/IP process.
It is not a good idea to view NAT as a security practice but as a way to
gang up multiple unroutable IP's onto a single routable address.

Security is a process, not a product.

On Mon, Nov 10, 2008 at 11:25 AM, Jim Popovitch <yahoo at jimpop.com> wrote:

> 2008/11/10 Michael H. Warfield <mhw at wittsend.com>:
> >  NAT provides no security that isn't present in a stateful firewall.
>
> So NAT does provide some level of security?
>
> I think you are making my point that NAT is a level of improved
> security over a situation of no firewall and publicly accessible IPs
> (common colo situation).
>
> -Jim P.
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>



-- 
-- 
James P. Kinney III
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20081110/83a2b418/attachment-0001.html 


More information about the Ale mailing list