Subj : NAT
To   : Michiel van der Vlist
From : Markus Reschke
Date : Sun Jan 27 2019 14:32:42

Hi Michiel!

Jan 27 00:10 2019, Michiel van der Vlist wrote to Victor Sudakov:

 VS>> and that is exactly what security people love NAT for.

 MvdV> Hmmm... I would rather not put my faith in the hands of a "security 
 MvdV> expert" that believes in "security through obscurity"...

Basically, I fully agree. There are several methods to map an internal network. If one doesn't work, the bad guy simply tries another. But it could make senses to hide internal addresses as part of a security concept. If I'm concerned about my network security I would go for application level gateways which act as proxy and also filter stuff application specific. NAT doesn't prevent malicious web content to be downloaded while browsing the web.

ciao,
Markus

--- 
 * Origin: *** theca tabellaria *** (2:240/1661)

.