[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPsec and Mobile IPv6
-----BEGIN PGP SIGNED MESSAGE-----
Francis, your draft is very short.
My three sentence summary is:
1. NATs are devices in the path.
2. Any device in the path can perform a DoS attack or change IP addresses.
3. A number of protocols have been made NAT-friendly by removing the
IP source address (and/or port) from within the protection, leaving those
protocols open to "pseudo-NATs".
As much as I dislike NAT .... I guess I'm just not very convinced this is a
serious issue.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Finger me for keys
iQCVAwUBPTX/tYqHRg3pndX9AQGNdgQAkpJv5dPUnBjJcEqpIT0kwVyA0V9Z+n/Y
XdWmnmqLlq4vVvuVsWIIPZtrZzRduavTkEW4j6cqhgu9OVuHh1c7B7GQR4rJJWeQ
KzBvVXaFrm3qkW8gxBqaJBPVcCOel86ckHPxzZHNIr0E5y1gOWJD/AT0I92AlkKo
sd3s7PgKMCs=
=qhAu
-----END PGP SIGNATURE-----