Here is a point - what kind of I&A would go on these accessible devices? Do you WANT to be able to address (and control) your fridge remotely? How about your home heating? Want to come home to find a disgruntled hacker thought it funny to have your fridge turned off and 130 degrees in your house?
Charles Adams wrote: > > If it hides the IP address of your fridge, wouldn't that impair anyone from > drinking your milk? If access to the resource is blocked using NAT, then > isn't that aspect of security inherent to NAT? > > Charles > > +-------------------------+-------------------------+ > | Charles Adams | US Pipe and Foundry | > | Network Security Admin | 3300 1st Avenue North | > | [EMAIL PROTECTED] | Birmingham, AL 35222 | > +-------------------------+-------------------------+ > > All opinions expressed here are solely my own. > > Peter Deutsch wrote: > ... > > > > The moral of the story? Traffic patterns and metadata can be powerful > tools and > > one person's junk is another person's data. You should not assume that the > > majority of people shouldn't or wouldn't care about it leaking out, even > if at > > first glance it seems pretty mundane. > > Absolutely true. Nothing to do with NATs. Any router conceals internal > traffic > patterns. Any router can hide internal addresses that don't talk to the > outside. > All the NAT hides is the number of logically (not physically) distinct hosts > > inside that do talk to the outside. This is not security; it might hide > the IP address of your fridge, but it doesn't hide your fridge. > > Brian -- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566
