[e2e] Re: NAT usage at large companies
David P. Reed
dpreed at reed.com
Fri Oct 18 13:20:17 PDT 2002
At 02:27 AM 10/18/2002 -0400, RJ Atkinson wrote:
NAT without some other kind of security (e.g. stateful packet
>inspection firewall) does not provide meaningful security.
I'll take that, and raise you 5 - stateful packet inspection doesn't
provide meaningful security either (if you can figure out how to set it up
correctly in the first place, you gain no benefit unless you carefully
control what is on the "inside" of the firewall. A good first step: no
Microsoft application software (such as Outlook or Word). A good second
step: no Microsoft networking code, such as NetBIOS over TCP. A good third
step: no users.).
More information about the end2end-interest
mailing list