[ipv6hackers] Is there a telecom company which adpated IPv6 network on LTE?
cb.list6
cb.list6 at gmail.com
Fri Aug 16 00:18:29 CEST 2013
On Aug 15, 2013 12:30 PM, "Owen DeLong" <owend at he.net> wrote:
>
> > PS. NAT was not born to provide security, but it provides _some sort_ of
> > security, and moreover it allows easier full logging of the traffic...
>
> NAT does not provide any form of security and it makes full logging of
traffic
> more difficult.
>
> Stateful inspection provides security. To the extent that NAT requires
stateful
> inspection, you get Stateful inspection (and it's related security) for
free by
> implementing NAT.
>
Having a stateful device in your network is a security risk.
CB
> However, if your NAT is a stateless 1:1 mapping, then you get no
security, so
> clearly NAT is not the part that provides the security.
>
> As to logging of the traffic, again, NAT requires a single choke-point to
work.
> It is the single chokepoint that provides the easy logging of all
traffic, not the
> NAT itself.
>
> Owen
>
>
> _______________________________________________
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
> http://lists.si6networks.com/listinfo/ipv6hackers
More information about the Ipv6hackers
mailing list