-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2010-09-09 12:08, Adam Tauno Williams wrote:
On Thu, 2010-09-09 at 09:05 +0200, Per Jessen wrote:
James Knott wrote:
Per Jessen wrote:
Golly - NAT IS NOT A SECURITY MEASURE! How many times does that have
to be said to sink in? It doesn't matter, it still does pretty well as such. It doesn't do anything that a properly configured firewall can't do. Start by blocking everything and then allow only what you want. Sure, but with NAT in his xDSL router, Joe Bloggs doesn't have to do anything at all.
And what does he have to do with IPv6? Nothing at all! AND all his apps [and games!] just work. The default firewall on every device I've seen is block-all-incoming-connections. So nothing changes as far as the [mythical] joe-user is concerned.
The default in my ISP's suplied adsl router is NO firewalll at all, and NAT. In fact, to activate the firewall one has to go over hidden config settings - by hidden I mean: · export config to a file on a computer. · edit xml config with an editor. · activate firewall in that config file. · upload changed config back to the router. Forget about the internal web page for configuration, nor telnet; until you do that, the firewall config is not accessible. - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Elessar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAkyLcRAACgkQU92UU+smfQWElQCgk5TctT3wxhM66MXiW/FHH4c9 p58An0+nQdpCxfcUPrLSU/lOGrGuc4Ex =jqCh -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org