Unruh wrote:
> "jameshanley39@yahoo.co.uk" <jameshanley39@yahoo.co.uk> writes:
>
>> On 18 Oct, 19:14, Leythos <v...@nowhere.lan> wrote:
>>> In article <LWNRi.11385$GO5.3118@edtnps90>, unruh-s...@physics.ubc.ca
>>> says...
>>>
>>>
>>>
>>>> Yes, agreed. But that is irrelevant. The question is not whether or not a
>>>> firewall is more flexible than a NAT router, it is. The question is whether
>>>> there is a difference in security against unsolicited outside attacks
>>>> between a firewall which blocks all unsolicited outside connections, and a
>>>> NAT router with no port holes punched through (Ie no ports forwarded).
>>> Yes, there is a difference.
>>>
>>> All quality firewalls have certifications from independent authorities
>>> that will state how they work and that they are actually providing xyz.
>
> I am sorry, but you regard paper as a valid computer defense. Who cares if
> they have a piece of paper attached? The question is not who has the paper
> trail, but who has the security.
>

True but one of the things this also shows is that it has been ( thoroughly)
peer-reviewed by ( experts).I have my doubts as well since there is a lot of
potential for fraud in this space.

I like to think of it as the commercial variant to opensource software.
eg with many eyes bugs are shallow.

>>> NAT Routers have no certification (at least in the class we're talking
>>> about) and have been shown, many times, to have exploits that allow
>>> Unsolicited inbound traffic to pass through - even with no rules set by
>>> the owner.
>
> As have firewalls as times.
>
>
>
>> Where has it been shown many times?
>
>> ( Not shown [many times] in this newsgroup. I first heard of any such
>> issue from a few months ago perhaps, from Sebastian, on this
>> newsgroup, and since by Volker. In a thread where you were advocating
>> NAT for - I thought - blocking incoming )
>
>
>