Penetration Testing mailing list archives
RE: enumerating hosts behind a NAT box
From: "Todd Towles" <toddtowles () brookshires com>
Date: Fri, 10 Jun 2005 10:49:37 -0500
"A Technique for Counting NATted Hosts" - AT&T Labs Research http://www.cs.columbia.edu/~smb/papers/fnat.pdf It uses the IPID, like in Idlescanning. I can't remember exactly, but I think it was this paper that sparked the whole idlescanning idea, but I could be confused. -Todd
-----Original Message----- From: Zuromski, Brian [mailto:brzurom () tycho ncsc mil] Sent: Friday, June 10, 2005 10:25 AM To: 'pen-test () securityfocus com' Subject: enumerating hosts behind a NAT box hello, I'm trying to design a network mapping program and need to know if there is a way to pickup (identify, count, os identification) any hosts behind a NAT box. Also identifying a NAT box in the first place would be useful. Anyone have any luck doing so before or know of a way? Thanks ~Brian
Current thread:
- enumerating hosts behind a NAT box Zuromski, Brian (Jun 10)
- RE: enumerating hosts behind a NAT box Leandro Reox (Jun 10)
- <Possible follow-ups>
- RE: enumerating hosts behind a NAT box Todd Towles (Jun 10)
- Re: enumerating hosts behind a NAT box Erik Kamerling (Jun 10)
- RE: enumerating hosts behind a NAT box Zuromski, Brian (Jun 10)