Security Basics mailing list archives

Re: Security Basics

From: "Stephanus J Alex Taidri" <staidri () gmail com>
Date: Thu, 20 Oct 2011 08:56:46 +0000

Hi Nahuche,

One method of NAT related attack that I'm thinking is a NAT overload (PAT) exhausted attack which usually can be done 
in one direction (from LAN to Internet) where few compromised PCs within the LAN together are initiating tremendous 
(massive) outbound tcp port connections to internet.

If it can reach more than 65535 outbound NAT translations, this alone could cause a "denial of service" effect on 
average small companies which has only single IP for PAT by exhausting the available ports translation.

Not to mentioned that before reaching those 65535 connections, the ordinary router without NIDS/IPS or 
intelligent/awareness on this kind of attack may probably get crashed or out of memory or worst, smashed by buffer 
overflow which may or may not lead to the next interesting things -- if you know what I mean ;)
Best Regards,
Stephanus J Alex Taidri

--- Sent from my BlackBerry

-----Original Message-----
From: nahuche () gmail com
Sender: listbounce () securityfocus com
Date: Wed, 19 Oct 2011 17:49:02 
To: <security-basics () securityfocus com>
Subject: Security Basics

Hello all, im a PhD student and want to focus on network security, to be precise, i want to focus on Security in 
Transition Mechanisms, i have a good networking foundation from protocols to Network Address Translation which is 
important for most Transition Mechanisms there are in use. I know all about using Nmap for fingerprinting, Wireshark 
for capturing network traffic and Nessus for vulnerability detection and using Metaspoilt for actual exploitation and 
post exploitation attacks but i need some ideas on how to go about attacking NAT routers and other security issues 
associated with Network Address Translation, books, papers, articles would be great especially those that have the 
step-by-step guide of how to go about the attack.
Thank you in advance for all the help.
Ahmed Nahuche

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Security Basics nahuche (Oct 19)
- RE: Security Basics Mikhail A. Utin (Oct 20)
  - Re: Security Basics Ahmed Nahuche (Oct 20)
    - Re: Security Basics Mark van Dijk (Oct 31)
    - Re: Security Basics nahuche (Oct 31)
    - Re: Security Basics Matthew Reed (Oct 31)
- RE: Security Basics juan babi (Oct 20)
- Re: Security Basics Stephanus J Alex Taidri (Oct 20)