[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Is NAT can provide some kind of protection?

Subject: Is NAT can provide some kind of protection?
From: tme at americafree.tv (Marshall Eubanks)
Date: Sat, 15 Jan 2011 09:31:17 -0500
In-reply-to: <[email protected]>
References: <[email protected]><[email protected]><15191.1294852587@localhost><[email protected]><[email protected]><[email protected]><[email protected]><[email protected]><[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]>

On Jan 15, 2011, at 9:19 AM, Leen Besselink wrote:

> On 01/15/2011 03:01 PM, Joel Jaeggli wrote:
>> On 1/15/11 1:24 PM, Leen Besselink wrote:
>> 
>>> I'm a full supported for getting rid of NAT when deploying IPv6, but
>>> have to say the alternative is not all that great either.
>>> 
>>> Because what do people want, they want privacy, so they use the
>>> IPv6 privacy extensions. Which are enabled by default on Windows
>>> when IPv6 is used on XP, Vista and 7.
>> There aren't enough hosts on most subnets that privacy extensions
>> actually buy you that much. sort of like have a bunch of hosts behind a
>> single ip, a bunch of hosts behind a single /64 aren't really insured
>> much in the way of privacy, facebook is going to know that it's you.
>> 
> 
> Now this gets a bit a offtopic, but:
> 
> If you already have a Facebook account, any site you visit which has
> "Facebook Connect" on it usually points directly at facebook.com for
> downloading the 'Facebook connect' image so the Facebook-cookies have
> already been sent to Facebook.

That assumes that you use the same browser for Facebook as for other uses. I recommend not
doing that, but to dedicate a browser for Facebook only, precisely because 
Facebook plays these sorts of games and is such a security hole. 

Regards
Marshall 


> 
> Why would Facebook care about your IP-address ?
> 
>>> And now you have no idea who had that IPv6-address at some point
>>> in time. The solution to that problem is ? I guess the only solution is to
>>> have the IPv6 equivalant of arpwatch to log the MAC-addresses/IPv6-
>>> address combinations ?
>>> 
>>> Or is their an other solution I'm missing.
>>> 
>>> 
> 
> 
>

References:
- Is NAT can provide some kind of protection?
  - From: tariq198487 at hotmail.com (Tarig Ahmed)
- Is NAT can provide some kind of protection?
  - From: bill at herrin.us (William Herrin)
- Is NAT can provide some kind of protection?
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- Is NAT can provide some kind of protection?
  - From: bill at herrin.us (William Herrin)
- Is NAT can provide some kind of protection?
  - From: marka at isc.org (Mark Andrews)
- Is NAT can provide some kind of protection?
  - From: bill at herrin.us (William Herrin)
- Is NAT can provide some kind of protection?
  - From: dotis at mail-abuse.org (Douglas Otis)
- Is NAT can provide some kind of protection?
  - From: bill at herrin.us (William Herrin)
- Is NAT can provide some kind of protection?
  - From: owen at delong.com (Owen DeLong)
- Is NAT can provide some kind of protection?
  - From: bill at herrin.us (William Herrin)
- Is NAT can provide some kind of protection?
  - From: gbonser at seven.com (George Bonser)
- Is NAT can provide some kind of protection?
  - From: leen at consolejunkie.net (Leen Besselink)
- Is NAT can provide some kind of protection?
  - From: joelja at bogus.com (Joel Jaeggli)
- Is NAT can provide some kind of protection?
  - From: leen at consolejunkie.net (Leen Besselink)

Prev by Date: Is NAT can provide some kind of protection?
Next by Date: Is NAT can provide some kind of protection?
Previous by thread: Is NAT can provide some kind of protection?
Next by thread: Is NAT can provide some kind of protection?
Index(es):
- Date
- Thread