Explain how NAT does this? NAT simply mangles the IP headers.
A stateful firewall can protect you from port scans and other baddies
without NAT.

It is bad because it has broken protocols, applications, and end-to-end
communications and caused much grief and likely loss of functionality in
various applications because of it, unseen loss of functionality.
I maintain NAT is evil. And even "extending the life of IPv4" is
debatable as a plus for the overall picture.

-----Original Message-----
From: Florin Iucha <florin at iucha.net>
Reply-to: TCLUG Mailing List <tclug-list at mn-linux.org>
To: TCLUG Mailing List <tclug-list at mn-linux.org>
Subject: Re: [tclug-list] vpn solutions
Date: Mon, 14 Feb 2011 10:36:07 -0600
Mailer: Mutt/1.5.18 (2008-05-17)


On Mon, Feb 14, 2011 at 10:22:42AM -0600, Justin Krejci wrote:
> Yep, this is why NAT is evil and bad in every way except for extending
> the life of IPv4.

It's not evil - it is more expensive for you and me.  Auntie Em don't
care one way or another.  Au contraire, NAT might protect her from
port scans and kiss of death packets (although indeed they have became
rarer these days).

Cheers,
florin

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
tclug-list at mn-linux.org
http://mailman.mn-linux.org/mailman/listinfo/tclug-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20110214/e2e68ea6/attachment-0001.html>