In message <001501bfaf43$127e4d00$[EMAIL PROTECTED]>, "Eliot Lear" writes:
>It is a complete fallacy that NAT provides any sort of security. It does
>no such thing. Security is provide by a firewall, and (more importantly)
>by strong security policies that are policed and enforced.
Eliot is absolutely right. A NAT box *might* be part of a firewall, but by
itself it isn't one. It's no more secure, and often less so, than an
application-level firewall.
The myth that NATs per se provide strong security is one of the greatest
barriers to their elimination.
--Steve Bellovin
