On Fri, Jul 15, 2011 at 8:53 PM, Johan Kullstam <[email protected]> wrote: > Camaleón <[email protected]> writes: > >>>> > It's probably not the best thing, but I depend on the NAT gateway for >>>> > a lot of my security--with IPv6, will I still be able to do that? >>>> >>>> NAT and security do not match. You better put a good firewall and/or >>>> IPS system in between ;-) > > With IPv6 it is not an issue. It's not like IPv6 is actually routable > across the internet. :-> > >>> Hmm, I need to knock on some wood--wait, I can knock on my head--that is >>> about the same ;-) So far, NAT seemingly has provided pretty good >>> security for me. >> >> :-) >> >> Yes, most of us -wrongly- believe that our NATed router is like a wall >> between our computers and the dangerous external web (because indeed it >> is hidding somehow) but this is not a security measure per se but >> security by obfuscation: that we can't see it does not mean we can't >> reach it. There can be still holes in router's firmware or bad configured >> DSL devices that may expose the user regardless NATed or not ;-) > > OK, you put a new XP box directly on the internet and I'll put one > behind a NAT router box. Do you wish to take bets on who can update > before getting owned? > > NAT is a firewall. Maybe not a great one. But it does function as such.
If you're using a NAT box without any firewalling (so none of the commercial router boxes like Linksys, Netgear, ...), it'll be exactly the same. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/CAOdo=Syjo3XrNbJ-3jJtWRGkZyM=wodypjuq0ztphm4uqja...@mail.gmail.com
