[Info-vax] "Linux Shminux - IPsec is Snake Oil!" VMS Mgmnt
Bill Pechter
pechter at bandit.pechter.dyndns.org.pechter.dyndns.org
Mon Apr 13 22:22:03 EDT 2009
In article <74hrasF12o3uvU1 at mid.individual.net>,
Bill Gunshannon <billg999 at cs.uofs.edu> wrote:
>In article <176uZD2KcidF-pn2-Ng1UCvMHmXDL at rikki.tavi.co.uk>,
> "Bob Eager" <rde42 at spamcop.net> writes:
>> On Mon, 13 Apr 2009 18:04:22 UTC, JF Mezei
>> <jfmezei.spamnot at vaxination.ca> wrote:
>>
>>> Bob Eager wrote:
>>>
>>> > Maybe. Mine is the opposite. Everything has a public IP address.
>>>
>>> There is nothing wrong with feeling at ease with being exposed to the
>>> world, borderline exhibitionist...
>>
>> If I were exposed to the world, I'd be worried...NAT is not a universal
>> panecea.
>
>Yeah, but it is amazing how many people think it is some kind of a
>security system. There are many ways to get past a NATed system.
>
>>
>>> NAT routers really provide 2 functions: the NAT and a firewall function.
>>>
>>> Just because you go IPv6 and no longer need NAT doesn't mean that your
>>> router will lose its firewall capabilities. In fact, they should be
>>> augmented.
>>
>> I agree. And my firewall is a dedicated machine, not just the stuff in a
>> cheap router.
>
>As it shoudl be. And not just a linux box pretending to be a firewall.
>
>bill
>--
>Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
>billg999 at cs.scranton.edu | and a sheep voting on what's for dinner.
>University of Scranton |
>Scranton, Pennsylvania | #include <std.disclaimer.h>
Ok Bill. I have to ask. Why not.
What's a PIX got that IPCop or Smoothwall don't have?
What's not available in iptables or FreeBSD's pf...
Bill
Inquiring minds want to know...
--
--
Digital had it then. Don't you wish you could buy it now!
pechter-at-pechter.dyndns.org
More information about the Info-vax
mailing list