[e2e] Re: NAT usage at large companies

David P. Reed dpreed at reed.com
Fri Oct 18 13:20:17 PDT 2002

At 02:27 AM 10/18/2002 -0400, RJ Atkinson wrote:
NAT without some other kind of security (e.g. stateful packet
>inspection firewall) does not provide meaningful security.

I'll take that, and raise you 5 - stateful packet inspection doesn't 
provide meaningful security either (if you can figure out how to set it up 
correctly in the first place, you gain no benefit unless you carefully 
control what is on the "inside" of the firewall.   A good first step: no 
Microsoft application software (such as Outlook or Word).  A good second 
step: no Microsoft networking code, such as NetBIOS over TCP. A good third 
step: no users.).

More information about the end2end-interest mailing list