On Wed, 5 May 2004 Michael.Dillon@radianz.com wrote:
(To deflect the inevitable "NAT is not a firewall" complaints, the box is a stateful inspection firewall -- as all NAT boxes actually are).
Hmmm, are you saying that the solution to many so-called Internet security vulnerabilities is for people to use an SI Firewall, aka Simple, Inexpensive Firewall, aka Stateful Inspection Firewall?
Its not a real solution, its just goes long way to reduce number of infections and how quickly some worms can spread (although NAT would have no efffect on spread of viruses by email so human factor is primary problem).
One wonders why the DSL/cable router manufacturers haven't caught on to this idea before now.
Its not manufacturers who did not caught up (in fact they did and offer very inexpensive personal dsl routers goes all the way to $20 range), its DSL providers who still offer free dsl modem (device at least twice more expensive then router) and free network card and complex and instructions on how to set this all up on each different type of pc. No clue at all that it would be only very marginally more expensive for them to integrate features of such small nat router into dsl modem and instead of offering PPPoverEthernet it could just offer NAT and DHCP and make it so much simpler for many of those lusers with only light computer skills to set this all up. -- William Leibzon Elan Networks william@elan.net