Penetration Testing mailing list archives
Re: attack on a computer behind a nat.
From: "Shreyas Zare" <shreyas () technitium com>
Date: Thu, 11 Sep 2008 18:28:43 +0530
Hi, Thats precisely Simple Traversal of UDP through NAT (STUN) protocol. I believe that only UDP can be exploited with some success and TCP will be almost impossible unless you compromise the NAT box itself. Regards, On Wed, Sep 10, 2008 at 2:53 PM, David Howe <DaveHowe.Pentest () googlemail com> wrote:
Mark Owen wrote:Only problem with that is the firewall/router/nat won't be expecting a result from your IP address and will drop it as it would have no idea what computer behind the nat to forward it to. If there is no underlying session, there is no communication.Most nats, particularly for udp, aren't that smart. they will accept a packet "to" the natted outside IP+port and forward it to the internal host. There are nat2nat session proxy servers that take advantage of that - they accept two connections (from a:aport and b:bport) and tell "a" to connect to b:bport and "b" to connect to a:aport. Mostly, this works. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
-- ("There are only 10 kinds of people in this world: those who know binary and those who don't.") Shreyas Zare Co-Founder, Technitium eMail: shreyas () technitium com ..::< The Technitium Team >::.. Visit us at www.technitium.com Contact us at theteam () technitium com Technitium Personal Computers We believe in quality. Visit http://pc.technitium.com for details. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- attack on a computer behind a nat. Michael Kitange (Sep 09)
- Re: attack on a computer behind a nat. fleetscribbler () socket net (Sep 09)
- RE: attack on a computer behind a nat. Alex Eden (Sep 09)
- Re: attack on a computer behind a nat. Mark Owen (Sep 09)
- attack on a computer behind a nat. Michael Kitange (Sep 09)
- Re: attack on a computer behind a nat. Krugger (Sep 10)
- Re: attack on a computer behind a nat. David Howe (Sep 10)
- Re: attack on a computer behind a nat. Shreyas Zare (Sep 12)
- Re: attack on a computer behind a nat. David Howe (Sep 12)
- Re: attack on a computer behind a nat. Mark Owen (Sep 09)
- <Possible follow-ups>
- Re: attack on a computer behind a nat. Christian Eric EDJENGUELE (Sep 09)
- Re: attack on a computer behind a nat. publists (Sep 12)