[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200308140218.h7E2IM60003292@turing-police.cc.vt.edu>
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Microsoft urging users to buy Harware Firewalls
On Wed, 13 Aug 2003 20:04:47 EDT, "Richard M. Smith" <rms@...puterbytesman.com> said:
> Windows directory from being accessed from the Internet. My only
> question is why aren't NAT routers built into all cable and DSL modems.
Because NAT is *not* a be-all and end-all. NAT *does* break things.
You can't easily do IPSec through a NAT (meaning you need to do some tap-dancing
if you want to VPN from one).
NAT breaks a lot of end-to-end stuff - for instance, if you have a NAT, it's *REALLY*
hard to have 2 different machines running servers on the same port.
http://www.ietf.org/rfc/rfc3027.txt?number=3027 for all the gory details
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030813/976fe2aa/attachment.bin
Powered by blists - more mailing lists