11 Oct
2003
11 Oct
'03
6:45 a.m.
On Fri, Oct 10, 2003 at 08:07:05PM -0600, Adam Selene wrote:
IMHO, all consumer network access should be behind NAT. -snip- As for plug-in "workgroup" networking (the main reason why everything is open by default), when you create a Workgroup, it should require a key for that workgroup and enable shared-key IPSEC.
These two requirements are mutually exclusive outside of a LAN environment, and if you're on a LAN, why require IPSEC? Filtering or NAT do not protect you from bad implementation or bad protocol design. Penalizing users that need (and will pay) for reasonably accessible two way communication is not the answer, and never will be. --msa