Penetration Testing mailing list archives
Re: testing for IP address space leakage in NAT systems
From: R P G <inittab () jtan com>
Date: Mon, 21 Jan 2002 14:31:13 -0500 (EST)
On Mon, 21 Jan 2002, Vladimir Parkhaev wrote:
Quoting R P G (inittab () jtan com):I was wondering if anyone knows of a method to test a NAT system for address space leakage. Thanks. --BobI would recommend to go up to the application layer. You will be surprised how much headers of a bounced email message will tell you.
Yes, very true. I don't know of any NAT system that'll keep application level info sanitized. What I am most concerned about is how well a NAT system does at keeping RFC1918 IP info from leaking at the network level. Often times servers are running in private address space and their services are redirected through a NAT. On many occasions my firewall has caught instances of leakage from these types of NATed systems. The only way I can think of detecting this is to setup a tcpdump session on the outside, very close to the NAT, looking for leaking RFC1918 IP's. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- RE: testing for IP address space leakage in NAT systems Jonah Kowall (Jan 21)
- <Possible follow-ups>
- Re: testing for IP address space leakage in NAT systems R P G (Jan 21)
- RE: testing for IP address space leakage in NAT systems Joshua Wright (Jan 22)