[ipv6hackers] Is there a telecom company which adpated IPv6 network on LTE?
Owen DeLong
owend at he.net
Fri Aug 16 00:52:58 CEST 2013
On Aug 15, 2013, at 15:18 , cb.list6 <cb.list6 at gmail.com> wrote:
> On Aug 15, 2013 12:30 PM, "Owen DeLong" <owend at he.net> wrote:
>>
>>> PS. NAT was not born to provide security, but it provides _some sort_ of
>>> security, and moreover it allows easier full logging of the traffic...
>>
>> NAT does not provide any form of security and it makes full logging of
> traffic
>> more difficult.
>>
>> Stateful inspection provides security. To the extent that NAT requires
> stateful
>> inspection, you get Stateful inspection (and it's related security) for
> free by
>> implementing NAT.
>>
>
> Having a stateful device in your network is a security risk.
You'll have to convince me of that one, but, even if that is the case, it doesn't
detract from my main point which was that any perceived security in NAT is
actually from stateful inspection and not from NAT.
Owen
More information about the Ipv6hackers
mailing list