= Сообщение: 5828 из 7402 ============================================= IPV6 = От : Markus Reschke 2:240/1661 27 Jan 19 14:32:42 Кому : Michiel van der Vlist 27 Jan 19 14:32:42 Тема : NAT FGHI : area://IPV6?msgid=2:240/1661+5c4220d0 На : area://IPV6?msgid=2:280/5555+5c4ceb42 = Кодировка сообщения определена как: LATIN1 ================================= ============================================================================== Hi Michiel!
Jan 27 00:10 2019, Michiel van der Vlist wrote to Victor Sudakov:
VS>> and that is exactly what security people love NAT for.
MvdV> Hmmm... I would rather not put my faith in the hands of a "security MvdV> expert" that believes in "security through obscurity"...
Basically, I fully agree. There are several methods to map an internal network. If one doesn't work, the bad guy simply tries another. But it could make senses to hide internal addresses as part of a security concept. If I'm concerned about my network security I would go for application level gateways which act as proxy and also filter stuff application specific. NAT doesn't prevent malicious web content to be downloaded while browsing the web.