Hacker News new | ask | show | jobs
by vardump 2556 days ago
> If I did that, I’d either have to install firewalls on my devices, or expose all services running on my devices to the internet.

Your router could still firewall them all the same. NAT or no NAT. You would not need to have a firewall on each individual device.
1 comments
AmericanChopper 2556 days ago
So you can replace the security controls provided by NAT with security controls provided by a firewall. How does this support the argument that NAT doesn’t provide any security controls?
link
vardump 2556 days ago
NAT is not meant for security. It just unintentionally provides some by preventing inbound connections.

That's something you can circumvent in certain scenarios. The technique is called "NAT hole punching".

link
zAy0LfpBZLC8mAC 2556 days ago
> It just unintentionally provides some by preventing inbound connections.

No, it doesn't.

link
vardump 2556 days ago
Of course you should also have a properly configured firewall.

Relying on NAT alone for security is not a great idea.

link