Re: restrict implicit binding to interfaces
- From: David Schwartz <davids@xxxxxxxxxxxxx>
- Date: Thu, 30 Oct 2008 10:54:51 -0700 (PDT)
On Oct 30, 8:10 am, Wolfgang Draxinger <wdraxin...@xxxxxxxxxxxxxxxx>
wrote:
I think, he's fallen for the misconception, that NAT and private
address ranges are means of security. Tell the people about
IPv6, and they'll respond in the same way.
They provide some security accidentally, which leads some people to
expect them to be reliable security schemes. This can cause a lot of
harm.
Another example is the mistaken notion that switches only send traffic
to the destination port, and therefore can be used as a means to keep
communications private. They provide some privacy accidentally, but
are not designed to do so securely unless specifically configured to
do so.
Both a bridge and a NAT device will generally, by default, be
configured to do everything they possibly can to make things "just
work" and this is the opposite of making things secure.
DS
.
- References:
- restrict implicit binding to interfaces
- From: Wolfgang Draxinger
- Re: restrict implicit binding to interfaces
- From: David Schwartz
- Re: restrict implicit binding to interfaces
- From: Rick Jones
- Re: restrict implicit binding to interfaces
- From: David Schwartz
- Re: restrict implicit binding to interfaces
- From: Maxwell Lol
- Re: restrict implicit binding to interfaces
- From: David Schwartz
- Re: restrict implicit binding to interfaces
- From: Wolfgang Draxinger
- restrict implicit binding to interfaces
- Prev by Date: Re: how can I modify the network packet payload?
- Next by Date: Re: restrict implicit binding to interfaces
- Previous by thread: Re: restrict implicit binding to interfaces
- Next by thread: Re: restrict implicit binding to interfaces
- Index(es):
Relevant Pages
|
