darf Feb 23

RE: https://infosec.exchange/@catsalad/116121891226554812

NAT is a security boundary. Fight me.

Show threadKevin Karhan 3d ago

@darfplatypus no it's not!

Cuz a #NAT without #Firewall is like an Airport with Train Station and Bus Hub allowing everyone to go everywhere...

Show threaddarf 3d ago
@kkarhan NAT is a state table, firewall is a state table. anything else is just pedantic
Show threadKevin Karhan 3d ago

@darfplatypus not entirely…

Both are independent from each other: You can have NAT w/o firewalling and firewalling w/o NAT or both together.

And yes, I had enough public IPs in the past that I could forego NAT and just Firewall.

Show threaddarf 3d ago
@kkarhan and yet, NAT wont let in a SYN, firewall wont let in a SYN, functionally, same shit.
Show threadKevin Karhan 
@darfplatypus #facehoof
Mar 22 at 4:28amWeb