North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: mh (RE: OMB: IPv6 by June 2008)

  • From: Tony Hain
  • Date: Thu Jul 07 16:03:55 2005

Mangling the header did not prevent the worms, lack of state did that. A
stateful filter that doesn't need to mangle the packet header is frequently
called a firewall (yes some firewalls still do, but that is by choice). 

Tony 

> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
> Andre Oppermann
> Sent: Friday, July 08, 2005 4:42 AM
> To: Fergie (Paul Ferguson)
> Cc: dcrocker@bbiw.net; nanog@merit.edu
> Subject: Re: mh (RE: OMB: IPv6 by June 2008)
> 
> 
> Fergie (Paul Ferguson) wrote:
>  >
> > I'd have to counter with "the assumption that NATs are going
> > away with v6 is a rather risky assumption." Or perhaps I
> > misunderstood your point...
> 
> There is one thing often overlooked with regard to NAT.  That is,
> it has prevented many network based worms for millions of home
> users behind NAT devices.  Unfortunatly this fact is overlooked
> all the time.  NAT has its downsides but also upsides sometimes.
> 
> --
> Andre