JM> Date: Sun, 30 Mar 2003 10:34:28 -0500 JM> From: "McBurnett, Jim" JM> NAT-- HMMM - In my eyes that is a security precaution for the JM> ignorant.. Think of this: Joe user goes to Wally World, or JM> Staples and get's a Linksys BEFSR11 cable/dsl router. He adds JM> NAT, and walla, his computer is no longer wide open to the JM> world... Albeit not a stateful firewall, it is much more Actually, it _is_ stateful. It tracks state so it knows what inbound traffic is directed to what IP:port on the inside, or dropped if no match is found. Run 1:1 NAT and see how secure that is. Run a "public" IP address with stateful rules that drop inbound traffic unless outbound traffic happened "recently". Compare. NAT's "security" is a by-product of state that is necessary to achieve 1:N mapping. Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist@brics.com> To: blacklist@brics.com Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist@brics.com>, or you are likely to be blocked.