[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian ISOs

* Adam Borowski <kilobyte@angband.pl> [060824 01:46]:
> > This is a bit of a red herring. Torrents work without re-configuring 
> > firewalls, they just don't work as well.
> They don't work well if there's NAT[1] involved, you wanted to say. 
Blocking incoming connections is a common and good starting points for
every firewall setup. That NAT makes this mandatory does not change the
fact that protocols needing listening ports are a security hole many
people do not like to introduce.

> Do I
> need to point out a wonderful opportunity to push in some IPv6 propaganda?

One of the nice features of NAT is that it adds another layer of
security if your firewall contains a "no incoming connections" part:
If everything fails there still has to be some mechanism to translate
the intern IPs to extern addressable. So I hope someone will still
make it available with IPv6...

  Bernhard R. Link

Reply to: