[AusNOG] IPv4 Exhaustion, APNIC EC, and James is a nice bloke ; -)

Steve Baxter steve at thebaxters.com
Sat Jul 19 22:19:52 EST 2008


> NAT != security.

Yes, but NAT is far better than everything in your house being globally
addressable - by anybody ! 

Do you look forward to the day your IP enabled stereo wakes you at 3am
in the morning with spam that it is playing at 140W RMS because NAT !=
security ? Consumer devices are cheap therefore will rarely if ever see
either decent firmware in the first place or regular updates as old
software is exploited. Why have it as easy as walking address space
(larger universe in 6 admittedly) to find things that can be targeted.

Can you imagine a world now (the IPv4 world) where every rancid pile of
plastic and silicon from a cheap manufacturer in the home was globally
addressable ? In warfare do you want to be bullet proof (like a tank -
not very bullet proof and they are at the highest state of art) or
hidden ? If they can't see you they can't shoot you !

Now watch the zealots :-)

SB

> > I really don't understand the anti-NAT zealots. It's like they want
> to take all of the things we've learned about giving public IPs to
> workstations (DCOM/RPC/NetBios exploits) and repeat them, all over
> again. No NAT = bad mmkay?
> > ________________________________________
> > From: ausnog-bounces at ausnog.net [ausnog-bounces at ausnog.net] On
Behalf
> Of Matthew Moyle-Croft [mmc at internode.com.au]
> > Sent: Friday, 18 July 2008 12:45 PM
> > To: Noel Butler
> > Cc: ausnog at ausnog.net
> > Subject: Re: [AusNOG] IPv4 Exhaustion, APNIC EC, and James is a nice
> bloke ; -)
> >
> > My point was more that I've got an IPv4 /24 and use 10 addresses.
> I've got an IPv6 /56 and use 6 addresses (my media players etc don't
do
> v6 yet).    The density of allocation has decreased by <insert
> depressingly large number> (even if I just had a /64 for home) just to
> appease the anti-NAT zealots worshipping at the altar of the RFC2462
> god.   I hope their puny stateful firewalls let the evil spirits into
> their networks and corrupt their virgin servers.
> >
> > MMC
> >
> > PS.  History never repeats, I tell myself before I goto sleep.
> >
> >
> > Noel Butler wrote:
> > this adds further proof about abuse and waste of existing IP
> resources, at least MMC is man enough to admit he's one of the guilty.
> >
> >
> > On Fri, 2008-07-18 at 10:32, Matthew Moyle-Croft wrote:
> >
> > Free != Allocatable.
> >
> > ie.  I have an (ancient) class C of my own at home.   I use about 10
> > addresses all up.   So there are, let's call it 244 free.
> > But no one can get an allocation out of that or, for example,
Apple's
> /8.
> >
> > MMC
> >
> >
> >
> >
> >
> > ________________________________
> >
> > _______________________________________________
> > AusNOG mailing list
> > AusNOG at ausnog.net<mailto:AusNOG at ausnog.net>
> > http://lists.ausnog.net/mailman/listinfo/ausnog
> >
> >
> >
> > --
> > Matthew Moyle-Croft Internode/Agile Peering and Core Networks
> > Level 4, 150 Grenfell Street, Adelaide, SA 5000 Australia
> > Email: mmc at internode.com.au<mailto:mmc at internode.com.au>  Web:
> http://www.on.net
> > Direct: +61-8-8228-2909             Mobile: +61-419-900-366
> > Reception: +61-8-8228-2999          Fax: +61-8-8235-6909
> >
> > _______________________________________________
> > AusNOG mailing list
> > AusNOG at ausnog.net
> > http://lists.ausnog.net/mailman/listinfo/ausnog
> >
> 
> _______________________________________________
> AusNOG mailing list
> AusNOG at ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
> 
> --
> This message was scanned by ESVA and is believed to be clean.
> Click here to report this message as spam.
> http://mail.thebaxters.com/cgi-bin/learn-msg.cgi?id=92BF929B61.DF674
> 




More information about the AusNOG mailing list