Cat ๐Ÿˆ๐Ÿฅ— (D.Burch) โ 
If NAT is security, double NAT must be double security! 
Feb 23 at 8:44pmWeb
Show threadghosts Feb 23
@catsalad imagine full-cone NAT 
Show threadFritz AdalisFeb 23
@catsalad
Carrier Grade NAT is security for people who carry things uphill.
Show threadijFeb 23

@catsalad if ROT13 is encryption, double ROT13 must be double encryption!

๐Ÿ˜

Show threadDCoder ๐Ÿ‡ฑ๐Ÿ‡นโค๐Ÿ‡บ๐Ÿ‡ฆFeb 23
@ij @catsalad
Hear me out: 13 rounds of ROT13 
Show threadStuart Longland (VK4MSL)Feb 23
@ij @catsalad I always store government secrets in ROT3328.
Show threadChris DelucaFeb 24
@ij @catsalad Thatโ€™s just simple math right there.
Show threadLena Riot โ˜ญFeb 23
@catsalad I Nat all the time
Show threadjiub   Feb 23
@catsalad that's why i have triple NAT โ€‹โ€‹

CG-NAT
NAT in the shitty ISP modem/router
NAT in my own router

no way to open up ports anyway on this ISP anyway so i'm not really losing anything
Show thread๐Ÿˆโ€โฌ›David SommersethFeb 23
@jiub @catsalad That's what VPS+VPN is for ... To circumvent lousy ISP limitations.
Show threadjiub   Feb 23
@dazo @catsalad indeed, i forward my server's ssh port to a vps using autossh so i can easily log in remotely and access everything on the lan from there

i don't mind accessing things in an ad hoc manner so i haven't bothered with a full vpn yet
Show threadB'ad Samurai ๐Ÿ๐Ÿ‡บ๐Ÿ‡ฆFeb 23
@jiub @catsalad
Show threadCat ๐Ÿˆ๐Ÿฅ— (D.Burch) โ Feb 23
@badsamurai @jiub 3 Extra Natties!
Show threadjiub   Feb 23
@catsalad @badsamurai brb creating 12 more nat layers on my network โ€‹โ€‹
Show threadAron LindegรฅrdFeb 23
@catsalad If reverse proxy is security.... Actually maybe that would be double? Hmmmm ๐Ÿค”
Show threadGuillaume RossoliniFeb 23
@catsalad it isnโ€™t exponential?
Show threadThe Orange ThemeFeb 23
@catsalad More hairpins in my NAT than a drag queen's wig. ๐Ÿ’…๐Ÿฝ
Show threadToasterson (Till Wegmรผller)Feb 23
@catsalad From 2FAto 2FNAT? To 12 Factor NAT?
Show threadAndrewFeb 23
@catsalad good luck, Iโ€™m behind seven NATs
Show threadnestFeb 23

@catsalad

no NAT November is over

Show threadSleepyCatten (Joint Pain Arc)Feb 23

@catsalad

If you have 20 of them, it's a NAT 20 

Show threadMx. Eddie RFeb 23
@SleepyCatten @catsalad
And that means you win no matter what.
Show threadSleepyCatten (Joint Pain Arc)Feb 23

@silvermoon82 Depends on whether your admin has set up the network policies based on RAW or has applied a few homebrewed policies.

By default, whenever you've got NAT 20, the admin's remote powers are all critical successes, and they automatically succeed on all attempts to prevent network downtime.

With some homebrew policies, the admin might automatically succeed on all their physical actions too, such as moving servers around, routing ethernet cable like a pro, catching drives that try to fall out during hotswapping, preventing a DDOS attack, or plugging in a USB device the correct way round first time.

@catsalad

Show threadLisPiFeb 23
@catsalad The joys of 0 multiplication.
Show threadGreatLakeTroutFeb 23

@catsalad

Double NAT is a pain in the ass

Show threadnovelgazer Feb 23
@catsalad what double NAT might look like
Show threadDfirebugFeb 23

@catsalad I once put a host behind NAT46 > NAT64 > NAT44... It was reachable when it felt like it.

I really need to add NAT66 to complete the set.

Show threadCat ๐Ÿˆ๐Ÿฅ— (D.Burch) โ Feb 24
@dfirebug NAT66 is such a cursed concept (I love it) ๐Ÿ˜น
Show threadPsycodepathFeb 24
@catsalad that take is nats