Andy Burns writes:
> Richard Kettlewell wrote:
>> NAT is not a security measure. People presumably assume it is because it
>> is typically codeployed with an IPv4 firewall, but it’s the firewall
>> that is protecting your network, not the NAT.
>
> ISTR your construed example relies on packets to and/or from RFC1918
> subnets managing to traverse the internet?

The point of the example is to demonstrate that it’s not the NAT which
actually implements the policy, it’s a packet filter. The actual
addresses aren’t really relevant.

If you think that RFC1918 addressing can stop packets chosen by an
attacker from reaching your router then you’re assuming that:

* your ISP cannot be hacked
* your ISP cannot be coerced by the state
* your ISP’s staff cannot be bribed or blackmailed
* your ISP’s staff are not themselves the attacker

These aren’t realistic assumptions.

--
https://www.greenend.org.uk/rjk/
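
The distinction argued in the post above, as an added example that is not part of the original message: a simplified model of a router's inbound path in which the NAT step only reverses translations it already knows and the optional stateful filter is the only step that drops anything. The `Router` class, `demo` function and all addresses are constructed for this illustration.

```python
# Toy model of a home router's inbound path (added example; all
# addresses and names here are constructed, not from the post).
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")    # constructed RFC 1918 inside subnet
WAN_ADDR = ip_address("203.0.113.7")  # constructed public address

@dataclass
class Router:
    stateful_filter: bool                      # is a packet filter deployed?
    flows: dict = field(default_factory=dict)  # (remote, port) -> inside host

    def outbound(self, src, dst, port):
        """LAN host opens a flow: source NAT records state for the reply."""
        self.flows[(ip_address(dst), port)] = ip_address(src)

    def inbound(self, src, dst, port):
        """Packet arrives on the WAN side; returns (verdict, final dst)."""
        src, dst = ip_address(src), ip_address(dst)
        # A reply matches recorded state only if sent to the public address.
        known = dst == WAN_ADDR and (src, port) in self.flows
        if known:                      # NAT: reverse a known translation
            dst = self.flows[(src, port)]
        if self.stateful_filter and not known:
            return ("drop", None)      # filter: the only policy decision
        if dst in LAN:                 # routing: forward anything for the LAN
            return ("forward", str(dst))
        return ("local", str(dst))     # addressed to the router itself

def demo():
    """Same two packets through a NAT-only router and a NAT+filter router."""
    results = {}
    for name, filt in (("nat_only", False), ("nat_plus_filter", True)):
        r = Router(stateful_filter=filt)
        r.outbound("192.168.1.10", "198.51.100.5", 443)
        results[name] = {
            # reply to the flow the inside host opened
            "reply": r.inbound("198.51.100.5", "203.0.113.7", 443),
            # packet from an upstream hop addressed straight to the host
            "direct": r.inbound("198.51.100.99", "192.168.1.10", 8080),
        }
    return results

if __name__ == "__main__":
    for name, verdicts in demo().items():
        print(name, verdicts)
```

Both routers pass the reply; only the one with the filter drops the packet addressed directly to the inside host, which is the check to make on a real device: confirm that a default-deny forward rule exists independently of the NAT rule.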