| ▲ | dissent 3 hours ago | |||||||
NAT isn't protecting them. Not being on the public internet at all is protecting them. NAT is then unprotecting them a little by letting them punch out again. It's super easy for routers to implement this behaviour by default if your LAN is publicly addressable, and removes a whole class of exploits caused by applications making NAT hacks. | ||||||||
| ▲ | xl-brain an hour ago | parent [-] | |||||||
This is splitting hairs. The point stands that PAT is the de facto firewall for most soho users. | ||||||||
| ||||||||