Re: NAT Secure?

From: Whoever (nobody@devnull.none)
Date: 09/23/02


On 23 Sep 2002, Melinda Shore wrote:

> In article <Pine.LNX.4.44.0209231230580.14195-100000@c941211-a>,
> Whoever <nobody@devnull.none> wrote:
> >What end-to-end assumptions does NAT break?
>
> That addresses are globally unique, globally routable, and
> immutable. These were basic design points. Breaking these
> assumptions is why NAT causes so many protocols to fail.
>
> There's actually substantial literature about this.
> Saltzer's "The End-To-End Argument in System Design" is the
> seminal paper on this topic, but between recent internet
> drafts from the IAB on the internet architecture and the
> research literature on overlay networks there's quite a bit
> of descriptive literature out there that documents 1) what
> IP's design points were, 2) how NAT is in violation of those
> design points, and 3) specific problems caused by that
> violation (like the problem of getting IPSec AH across NATs,
> why NAT looks like a man-in-the-middle attack and why that
> can't be mitigated, etc.).

You appear to be arguing that NAT actually reduces the security of a
network. That is certainly an interesting viewpoint.

On point 3, NAT boxes can provide an IPSEC-passthrough. No changes to the
clients at either end of the IPSEC communication are required for this
functionality. I may be wrong, but I don't see how that allows a
man-in-the-middle attack that could not be achieved without the NAT box.
In addition, secure client identification can be achieved by such means
as X509 certificates.
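As an added illustration of the "getting IPSec AH across NATs" point raised in the quoted text (this is example code written for this page, not code from either poster): AH's integrity check value covers the IP addresses, so a NAT box rewriting the source address is indistinguishable, to the receiver, from on-path tampering. ESP's integrity check does not cover the outer IP header, which is what makes ESP "passthrough" workable. The toy below models both checks with HMAC-SHA256 over a constructed packet and a constructed shared key; real AH and ESP (RFC 4302/4303) cover more header fields and negotiate keys via IKE, so the field coverage and key are assumptions, not the actual wire format.

```python
import hashlib
import hmac
import ipaddress

# Constructed shared key for the example only; real SAs derive keys via IKE.
KEY = b"constructed-example-key-not-for-real-use"


def ah_icv(src, dst, payload, key=KEY):
    """Simplified AH integrity check value.

    Real AH covers the immutable IP header fields (addresses included) plus
    the AH header and payload, with mutable fields zeroed. This toy covers
    only the two addresses and the payload (assumption), so that the effect
    of address rewriting is visible.
    """
    material = (ipaddress.ip_address(src).packed
                + ipaddress.ip_address(dst).packed
                + payload)
    return hmac.new(key, material, hashlib.sha256).digest()


def esp_icv(payload, key=KEY):
    """Simplified ESP integrity check: covers the ESP header and payload
    only, never the outer IP header (the point that lets ESP survive NAT)."""
    return hmac.new(key, payload, hashlib.sha256).digest()


def nat_rewrite(packet, public_src):
    """Model a source NAT: the private source address is replaced."""
    translated = dict(packet)
    translated["src"] = public_src
    return translated


def verify_ah(packet, key=KEY):
    expected = ah_icv(packet["src"], packet["dst"], packet["payload"], key)
    return hmac.compare_digest(expected, packet["icv"])


def verify_esp(packet, key=KEY):
    return hmac.compare_digest(esp_icv(packet["payload"], key), packet["icv"])


def demo():
    """Build one AH-protected and one ESP-protected packet on a private
    host, pass both through a NAT, and report which checks still pass."""
    private_src = "192.168.1.10"   # constructed inside address
    public_src = "203.0.113.5"     # constructed NAT outside address
    dst = "198.51.100.7"           # constructed peer address
    payload = b"constructed payload"

    ah_pkt = {"src": private_src, "dst": dst, "payload": payload,
              "icv": ah_icv(private_src, dst, payload)}
    esp_pkt = {"src": private_src, "dst": dst, "payload": payload,
               "icv": esp_icv(payload)}

    return {
        "ah_before_nat": verify_ah(ah_pkt),
        "ah_after_nat": verify_ah(nat_rewrite(ah_pkt, public_src)),
        "esp_before_nat": verify_esp(esp_pkt),
        "esp_after_nat": verify_esp(nat_rewrite(esp_pkt, public_src)),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'verified' if ok else 'REJECTED'}")
```

The AH packet verifies before the NAT and is rejected after it, exactly as it would be if someone on the path had altered the header; the ESP packet verifies in both cases. That asymmetry is why a NAT box's "IPSEC-passthrough" can work for ESP (tracking flows by SPI, or with the endpoints using UDP-encapsulated NAT-T) but cannot be made to work for AH without changing what AH protects.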


