BBC News - 'Fresh proposals' planned over cyber-monitoring
Ian Batten
igb at batten.eu.org
Wed May 15 16:13:25 BST 2013
On 14 May 2013, at 20:38, Florian Weimer <fw at deneb.enyo.de> wrote:
> * Ian Batten:
>
>> On 13 May 2013, at 18:45, Florian Weimer <fw at deneb.enyo.de> wrote:
>>>
>>> Similarly, I don't think we want our fridges to be reachable from the
>>> public Internet at large, just because it happens to have an IPv4
>>> address for our own (personal) use.
>>
>> I don't buy that argument. It's trivially easy for routers to have
>> a default-block firewall rule with outbound state tracking, which
>> mimics the security semantics of NAT.
>
> And with such filtering, end-to-end reachability between arbitrary
> devices who haven't got a previous relationship is just not possible.
Sorry, could you explain that? How does NAT differ from stateful firewalling?
ian
More information about the ukcrypto
mailing list