zlacker

[parent] [thread] 0 comments
1. Legion+(OP)[view] [source] 2024-06-01 11:52:18
I think the usual security objection is that if the NAT router receives a packet from the outside, with its destination set to a local address, the router will just let it through, in the absence of a firewall.

But as far as I can tell, that's only relevant for an attacker who can MITM the connection between the local router and the next ISP router, since clearly the ISP wouldn't know who to forward the local address to. I'd think it isn't within the threat model of the "typical internet user" who'd be running such a poorly-configured network.

[go to top]