The point i was trying to make was regarding the one-to-many model that
proxies employ and as part of the security model the proxy process will
translate the ip address of any inside host to a single "outside" ip
address. IP masquarading has been "casually" used to reflect this
behavoir. However, I agree with your point that the ip masq name evolved
from Linux and technically should be referred to as a Linux capability.
Thanks for the clarification.
/bob mcm
Ron DuFresne wrote:
> On Mon, 22 May 2000, Robert McMahon wrote:
>
> [SNIP]
>
> > I would also say that the reason for employing NAT is not the same as
> > employing ip masq. I don't believe NAT was designed to be a security
> > mechanism, while ip masq was (as part of the proxy function).
> >
>
> I do not think proxies require ipmasq, which, if I understand this, is a
> linux implementation only. And basiacally NAT/IPmasq is not a security
> solution as proxies are, unless security through obscurity has become
> functiuonally validated.
>
> Thanks,
>
> Ron DuFresne
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> "Cutting the space budget really restores my faith in humanity. It
> eliminates dreams, goals, and ideals and lets us get straight to the
> business of hate, debauchery, and self-annihilation." -- Johnny Hart
> ***testing, only testing, and damn good at it too!***
>
> OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
