lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <004801c36210$263cbf60$550ffea9@rms> From: rms at computerbytesman.com (Richard M. Smith) Subject: Microsoft urging users to buy Harware Firewalls Context is important. We are talking about home computers here. IPSEC and multiple servers aren't very relavent to most home computer users. If someone has more than one computer on a home network, they probably already have a NAT box to share the network connection. The suggestion here is that for folks who are running only one computer should also get a NAT box if they are connecting to the Internet via a cablemodem or DSL connection. NAT boxes have this nice characteristic that they act as a firewall. Richard -----Original Message----- From: Valdis.Kletnieks@...edu [mailto:Valdis.Kletnieks@...edu] Sent: Wednesday, August 13, 2003 10:18 PM To: Richard M. Smith Cc: full-disclosure@...ts.netsys.com Subject: Re: [Full-Disclosure] Microsoft urging users to buy Harware Firewalls On Wed, 13 Aug 2003 20:04:47 EDT, "Richard M. Smith" <rms@...puterbytesman.com> said: > Windows directory from being accessed from the Internet. My only > question is why aren't NAT routers built into all cable and DSL modems. Because NAT is *not* a be-all and end-all. NAT *does* break things. You can't easily do IPSec through a NAT (meaning you need to do some tap-dancing if you want to VPN from one). NAT breaks a lot of end-to-end stuff - for instance, if you have a NAT, it's *REALLY* hard to have 2 different machines running servers on the same port. http://www.ietf.org/rfc/rfc3027.txt?number=3027 for all the gory details
Powered by blists - more mailing lists