Re: Debian ISOs
* Adam Borowski <kilobyte@angband.pl> [060824 01:46]:
> > This is a bit of a red herring. Torrents work without re-configuring
> > firewalls, they just don't work as well.
>
> They don't work well if there's NAT[1] involved, you wanted to say.
Blocking incoming connections is a common and good starting points for
every firewall setup. That NAT makes this mandatory does not change the
fact that protocols needing listening ports are a security hole many
people do not like to introduce.
> Do I
> need to point out a wonderful opportunity to push in some IPv6 propaganda?
One of the nice features of NAT is that it adds another layer of
security if your firewall contains a "no incoming connections" part:
If everything fails there still has to be some mechanism to translate
the intern IPs to extern addressable. So I hope someone will still
make it available with IPv6...
Hochachtungsvoll,
Bernhard R. Link
Reply to: