Penetration Testing mailing list archives

Re: attack on a computer behind a nat.


From: David Howe <DaveHowe.Pentest () googlemail com>
Date: Fri, 12 Sep 2008 10:21:40 +0100

Shreyas Zare wrote:
> Hi,
>
> That's precisely Simple Traversal of UDP through NAT (STUN) protocol. I
> believe that only UDP can be exploited with some success and TCP will
> be almost impossible unless you compromise the NAT box itself.

Pretty much, yes.
Normally, an outbound TCP will be just that - a port opened at random by
a program to perform an outbound (originating) TCP handshake and
conversation; it won't be expecting to receive an inbound TCP handshake
on that port, and usually will just drop packets of that type.
UDP ports are much more likely to accept random packets from places they
aren't expecting them to come from.
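
The socket behaviour discussed in this message, as an added example that is not part of the original post: on loopback, an unconnected UDP socket takes a datagram from a sender it never contacted, a UDP socket pinned to its peer with connect() does not, and a TCP client's outbound port rejects an unsolicited handshake. The function names and the loopback setup are assumptions made for the demonstration; no NAT device is involved.

```python
import socket

LOOPBACK = "127.0.0.1"  # constructed setup: every endpoint lives on loopback


def _udp(timeout=0.5):
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind((LOOPBACK, 0))            # kernel picks an ephemeral port
    s.settimeout(timeout)
    return s


def udp_delivers_unexpected_sender(pin_peer: bool) -> bool:
    """True if a datagram from a third party reaches the client socket."""
    peer, stranger, client = _udp(), _udp(), _udp()
    try:
        if pin_peer:
            # connect() on UDP makes the kernel filter by source address/port
            client.connect(peer.getsockname())
            client.send(b"outbound")
        else:
            client.sendto(b"outbound", peer.getsockname())
        stranger.sendto(b"unsolicited", client.getsockname())
        try:
            _, src = client.recvfrom(1024)
        except OSError:              # timed out: nothing was delivered
            return False
        return src == stranger.getsockname()
    finally:
        for s in (peer, stranger, client):
            s.close()


def tcp_accepts_unsolicited_connect() -> bool:
    """True if a third party can open a connection to a client's outbound port."""
    server = socket.socket(); server.bind((LOOPBACK, 0)); server.listen(1)
    client = socket.socket(); client.connect(server.getsockname())
    stranger = socket.socket(); stranger.settimeout(0.5)
    try:
        stranger.connect(client.getsockname())   # SYN to a non-listening port
        return True
    except OSError:                  # refused (RST) or timed out
        return False
    finally:
        for s in (server, client, stranger):
            s.close()
```

For services you write yourself, the pinned case is the mitigation: call connect() on UDP sockets that talk to a single known peer, or check the source address returned by recvfrom() before acting on a datagram.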

