[Dagger2]

Thanks to privacy extensions most of those logged addresses will have expired and be useless. Also most people don't permit connections from the Internet to privacy addresses in the first place, they only add firewall exceptions for the base addresses, so even if you're running a server on the same machine you make an outbound connection from, the servers you connect to don't learn the IP needed to make an inbound connection on.

> IPv4 NAT allows people to have quite weak security internally in a network, and not get compromised.

No, it doesn't. This is allowed by having a firewall on the router, exactly the same as in v6. NAT doesn't block connections, so it doesn't contribute to this security.

Device firewalls do work, but connections will generally be rejected by the router's firewall before they even get that far.