[ipv6hackers] the end is near (or for IPv6: the beginning)

[Markus Reschke]

On Fri, 3 Jan 2014, Trevor Sullivan wrote:

Happy New Year!

> I've tried to discuss the NAT issue with friends of mine before, and they
> simply do not understand. NAT is not a security feature. Yes, you can get
> some implicit "security" by using it, but why would you not simply configure
> your firewall correctly?

> Up until now, NAT has been a "security feature" for lazy people, who don't
> want to take a few minutes to understand firewall configuration. Instead,
> they waste their time dealing with NAT issues that they wouldn't have to
> deal with if they would just accept that NAT is a hack.

Joe Average can't be bothered to hire an expensive network expert for 
configuring his US$30 DSL router. Joe from the IT department has to keep 
the Windows systems up running and got no time to care about fancy network 
security topics. His boss won't hire an network expert, budget 
constrains. But he asks Joe to manage also the routers and firewalls. And 
the router/firewall vendors are selling you happily network appliances 
with quick-setup-tools.

I understand your frustration but most people simply don't care as long as 
the internet access is running fine. Take Snowden and the NSA revelations 
for example. Only a few people are concerned and most think "I have 
nothing to hide". Sad but true.

cu, Markus
-- 
/ Markus Reschke \ / madires at theca-tabellaria.de \ / FidoNet 2:240/1661 \
\                / \                             / \                    /