dissent | 1 month ago

NAT isn't protecting them. Not being on the public internet at all is protecting them.

NAT is then unprotecting them a little by letting them punch out again. It's super easy for routers to implement this behaviour by default if your LAN is publicly addressable, and removes a whole class of exploits caused by applications making NAT hacks.

xl-brain|1 month ago

This is splitting hairs. The point stands that PAT is the de facto firewall for most SOHO users.

dissent|1 month ago

Not in the context of claiming NAT offers protection.

An IPv6 LAN with default ingress deny is more secure than IPv4+NAT.