Comment by denkmoon

9 hours ago

This is entirely untrue. Every shitty router shipped by ISPs this side of the doctom bubble has a stateful firewall enabled by default. NAT is distinctly not the only thing protecting most home users. Not to mention every OS I know of shipping with its own firewall enabled with default deny on inbound.

4 comments

denkmoon

xl-brain 9 hours ago

You are stuck on the theory of what is protecting this population. In practice, less than 1% of these users can or will turn NAT off.

Can you imagine how great things would work out with a public IP on all your nana's computers, NAT turned off, protected by the prowess of her Arris gateway's stateful firewall?

denkmoon 3 hours ago

Telstra, one of Australia's massive telcos who are the "go to" telco for nannas who don't know anything about this internet thingy, have IPv6 enabled by default on their CPE routers. Without NAT. With a stateful firewall. Works perfectly fine for their millions of customers.
bigstrat2003 3 hours ago

It would work out just fine, because NAT was never providing any actual security to your nana. It was only ever the firewall which made her secure, not NAT.
mrsssnake 8 hours ago

With NAT turned on nana's computer is still protected by the same Arris gateway.