On 2016-05-26 16:23, Anton Aylward wrote:
My point is that since OTS NAT devices don't do all this proactive 'firewall' things, and that applies just as much to established connections as the Mitnick-Shimomura hijacking demonstrated, something that the people who think that NAT is an adequate protection because it prevents unsolicited initiated incoming connections <strike>often</strike> usually forget, you DO need the proper firewall. Its why 'host level firewalls' are coming in. Its also why they are of limited use, since end users don't know how to configure them. its why 'smart assistants' than can configure them are coming next!
Good point. Firewalls on all devices. Yes. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)