Reply to post: Re: A short and inaccurate history of NAT routers in the home

Windows 10 networking bug derails Microsoft's own IPv6 rollout

bombastic bob Silver badge
Devil

Re: A short and inaccurate history of NAT routers in the home

"Anybody that can send packets to your router with a dest IP set to 192.168.1.x can connect to your LAN machines regardless of any NAT going on on the router."

On an IMPROPERLY CONFIGURED router, yes. It's not that hard to create rules to block all incoming AND outgoing connections to/from RFC1918 addresses. I would assume that router makers would be smart enough to do this. If not, I'd like a list of FAIL, please...

Or the other choice: use 'bridge mode' on whatever 'thing' plugs into the intarweb, and firewall it with your OWN 'dual home' box, running Linux or FreeBSD. You could even set it up as an IPv6 gateway, via a free IPv4/IPv6 tunnel. Yeah. I do that.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon