Repeating the same wrong points doesnt make you right. Every NAT based product w... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mystraline 17 days ago \| parent \| context \| favorite \| on: IPv6 is not insecure because it lacks a NAT Repeating the same wrong points doesnt make you right. Every NAT based product will have a firewall built in also by default. And it'll be deny-all except for conn-tracked. And that L2 attack is a martian packet. Why are you allowing reserved IPs talk on public network interfaces (hello, spoofing and obvious at that)? These are always blocked due to the reasons you describe. https://en.wikipedia.org/wiki/Martian_packet

Dylan16807 16 days ago [–]

> Every NAT based product will have a firewall built in also by default.

Well that's the point of the article isn't it? That the firewall is the important part, not the NAT.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact