<p>You may be correct, but if not for NAT windows users would have no security at all.</p>
<p><blockquote type="cite">On Feb 5, 2011 12:47 PM, "Michael B. Trausch" <<a href="mailto:mike@trausch.us">mike@trausch.us</a>> wrote:<br><br><p><font color="#500050">On Sat, 2011-02-05 at 12:39 -0500, Mike Harrison wrote:<br>
> It also keeps the outside world from conne...</font></p>Everyone gather round. Say it with me:<br>
<br>
NAT is not a security mechanism.<br>
<br>
Seriously. I mean it.<br>
<br>
Let me repeat that: NAT is not a security mechanism.<br>
<br>
It was intended to enable privately addressed networks to have limited<br>
communication with hosts on the Internet. It has the side effect of<br>
using tables to figure out how to rewrite packets, but this does not<br>
provide any security. It does not.<br>
<br>
One more time: NAT IS NOT A SECURITY MECHANISM.<br>
<br>
Or to put it another way: NAT is as effective at providing security for<br>
your network as groping at airports is for providing security there.<br>
It's all a show; it's faux security that makes people feel better but<br>
does not serve any real purpose.<br>
<br>
I've gone on about NAT recently in other threads here. You can find<br>
those, or you can read the post I wrote in my blog about NAT if you<br>
want:<br>
<br>
<a href="http://mike.trausch.us/blog/2011/01/31/more-about-networking-part-2-nat/" target="_blank">http://mike.trausch.us/blog/2011/01/31/more-about-networking-part-2-nat/</a><br>
<br>
--- Mike<br>
<br>_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br></blockquote></p>