Once upon a time, Valdis.Kletnieks@vt.edu <Valdis.Kletnieks@vt.edu> said:
In any case, to a first-order approximation, it doesn't even matter all that much security wise. I mean - let's be *honest* guys. After XP SP2 got any significant market penetration, pretty much everybody had a host-based firewall that defaulted to default-deny, so the NAT-firewall was merely belt and suspenders.
Well, that covers the hosts. "Normal" people are adding more devices than PCs all the time, such as network printers (which have a very spotty security record, especially on the cheap end) and disk servers. Network devices like that _can't_ just block all access. -- Chris Adams <cmadams@hiwaay.net> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.