Comcast Paranoia

[Jonathan Hutchins]

Any properly configured firewall will appear to the outside network to be a
single, tightly closed machine.  For a home network with no need to serve
internal resources promiscuously to any outside node, there will be no
reason to allow anything through the firewall that would allow scanning or
identification of the machines behind it.  All internal machine-specific
info should be stripped by the firewall and replaced by it's own
identification scheme.

This is not to say that all firewals are properly configured. but we're not
talking about plugging a raw hub into the modem either.