Mangling the header did not prevent the worms, lack of state did that. A stateful filter that doesn't need to mangle the packet header is frequently called a firewall (yes some firewalls still do, but that is by choice).
Tony > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Andre Oppermann > Sent: Friday, July 08, 2005 4:42 AM > To: Fergie (Paul Ferguson) > Cc: [EMAIL PROTECTED]; [email protected] > Subject: Re: mh (RE: OMB: IPv6 by June 2008) > > > Fergie (Paul Ferguson) wrote: > > > > I'd have to counter with "the assumption that NATs are going > > away with v6 is a rather risky assumption." Or perhaps I > > misunderstood your point... > > There is one thing often overlooked with regard to NAT. That is, > it has prevented many network based worms for millions of home > users behind NAT devices. Unfortunatly this fact is overlooked > all the time. NAT has its downsides but also upsides sometimes. > > -- > Andre
