On Jun 7, 2014, at 6:20 AM, Stephen Farrell <[email protected]> wrote:
> NATs have both good and bad properties. The slightly better privacy
> is one of the good ones.
Better for the hosts they 'hide'; worse as a common network access point.
Consider an enterprise. There are two things we can learn about it from IP
addresses:
- without a NAT, we learn about activity of individual hosts
- with a NAT, we learn the common network access point
If I want to track host activity - or attack a host, the former is better.
If I want to know what to DOS to take down the entire enterprise, the latter is
better.
Think of it this way:
a NAT hides the host *at the expense* of exposing a router
If we're serious about considering privacy issues, there's a LOT more homework
to be done.
Joe
_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area
