Security Basics mailing list archives
Re: Security Basics
From: "Stephanus J Alex Taidri" <staidri () gmail com>
Date: Thu, 20 Oct 2011 08:56:46 +0000
Hi Nahuche, One method of NAT related attack that I'm thinking is a NAT overload (PAT) exhausted attack which usually can be done in one direction (from LAN to Internet) where few compromised PCs within the LAN together are initiating tremendous (massive) outbound tcp port connections to internet. If it can reach more than 65535 outbound NAT translations, this alone could cause a "denial of service" effect on average small companies which has only single IP for PAT by exhausting the available ports translation. Not to mentioned that before reaching those 65535 connections, the ordinary router without NIDS/IPS or intelligent/awareness on this kind of attack may probably get crashed or out of memory or worst, smashed by buffer overflow which may or may not lead to the next interesting things -- if you know what I mean ;) Best Regards, Stephanus J Alex Taidri --- Sent from my BlackBerry -----Original Message----- From: nahuche () gmail com Sender: listbounce () securityfocus com Date: Wed, 19 Oct 2011 17:49:02 To: <security-basics () securityfocus com> Subject: Security Basics Hello all, im a PhD student and want to focus on network security, to be precise, i want to focus on Security in Transition Mechanisms, i have a good networking foundation from protocols to Network Address Translation which is important for most Transition Mechanisms there are in use. I know all about using Nmap for fingerprinting, Wireshark for capturing network traffic and Nessus for vulnerability detection and using Metaspoilt for actual exploitation and post exploitation attacks but i need some ideas on how to go about attacking NAT routers and other security issues associated with Network Address Translation, books, papers, articles would be great especially those that have the step-by-step guide of how to go about the attack. Thank you in advance for all the help. Ahmed Nahuche ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Security Basics nahuche (Oct 19)
- RE: Security Basics Mikhail A. Utin (Oct 20)
- Re: Security Basics Ahmed Nahuche (Oct 20)
- Re: Security Basics Mark van Dijk (Oct 31)
- Re: Security Basics nahuche (Oct 31)
- Re: Security Basics Matthew Reed (Oct 31)
- Re: Security Basics Ahmed Nahuche (Oct 20)
- RE: Security Basics Mikhail A. Utin (Oct 20)