nanog mailing list archives
Re: DDOS attacks and Large ISPs doing NAT?
From: Valdis.Kletnieks () vt edu
Date: Thu, 02 May 2002 14:42:31 -0400
On Thu, 02 May 2002 11:32:48 PDT, "Mansey, Jon" said:
As I said, in a NAT'd scenario the IP stack will never see an unsolicited request and hence not respond to it. The phone side of course will ring when called. Duh.
That's the *point*. You hand the phone a trojan/virus/whatever when it's making an OUTBOUND connection on the NAT side (for instance, if the PDA side is checking mail, feed it a trojaned piece of mail). You then have the trojan drop you a note "Oh, and my phone number is XXX-YYYY". Then, when it's time to attack somebody, you send the phone a page that tells the trojan "Hey XXX-YYYY, wake up and pound on victim address <whatever>". With proper encoding of the page, the phone's owner may even just say "Damn, more <bleeping> Korean spam in characters I can't read", and not notice that 45 seconds later, the phone starts chirping away by itself.... The point is that you can contact the phone via *non-NAT* means and have it launch an attack - the fact you can't wake it up via NAT can be worked around. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
Attachment:
_bin
Description:
Current thread:
- RE: DDOS attacks and Large ISPs doing NAT?, (continued)
- RE: DDOS attacks and Large ISPs doing NAT? Ian Cooper (May 02)
- RE: DDOS attacks and Large ISPs doing NAT? Daniska Tomas (May 02)
- RE: DDOS attacks and Large ISPs doing NAT? Mansey, Jon (May 02)
- RE: DDOS attacks and Large ISPs doing NAT? Gary E. Miller (May 02)
- Re: DDOS attacks and Large ISPs doing NAT? Valdis . Kletnieks (May 02)
- Re: DDOS attacks and Large ISPs doing NAT? Bradley Dunn (May 02)
- Re[2]: DDOS attacks and Large ISPs doing NAT? Richard Welty (May 02)
- Re: DDOS attacks and Large ISPs doing NAT? Alexei Roudnev (May 03)
- RE: DDOS attacks and Large ISPs doing NAT? Mansey, Jon (May 02)
- RE: DDOS attacks and Large ISPs doing NAT? Mansey, Jon (May 02)
- Re: DDOS attacks and Large ISPs doing NAT? Valdis . Kletnieks (May 02)
- RE: DDOS attacks and Large ISPs doing NAT? Daniska Tomas (May 02)