Security Basics mailing list archives
RE: Request for feedback on ip-nat
From: "Joris L." <jorislambrecht () pandora be>
Date: Wed, 04 Feb 2004 22:23:35 +0100
On Tue 03-02-2004, at 21:33, Shawn Jackson wrote:
From: Joris L. [mailto:jorislambrecht () pandora be]
I'm currently investigating possible reasons for client-programs to an IM network to disconnect for no real apparent reason. What could be the possible causes, what could cause a time-out to occur?
Some 'cheap' NAT boxes will clear their connection cache, or at least the oldest connections, to conserve memory. I've noticed this on older Netgear and some Linksys boxes at busy offices.
I'm using Linux with iptables. For my home-fw I have no issues with this. I've even tried out switching hardware because of possible link-layer/framing issues but that doesn't seem to be an option.
Additionally some real cheap boxes have a limitation to the actual number of NAT connections they can route. I don't know the detail of the MSN protocol, but it could be experiencing a timeout due to latency.
That's worth investigating, I'll check that.
Does it die under use? Or while it's idle? Are you connecting to the I-Net or to another network? Are there any security policies in place on the NAT box? Is the NAT box a firewall? What model/type?
No, it is quite a performant box but there's indeed some issue which is pretty awkward to get hold of. The nat-box is set up for ip-masquerading with the iptables firewall for policy, all is running on the same machine.
Shawn Jackson Systems Administrator Horizon USA 1190 Trademark Dr #107 Reno NV 89521 www.horizonusa.com Email: sjackson () horizonusa com Phone: (775) 858-2338 (800) 325-1199 x338
Thanks. J.
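Added example, not part of the original thread: one way to check the two causes raised above (NAT mappings timing out, and a full connection table) on a Linux masquerading box by reading the connection-tracking table. It assumes a current kernel exposing /proc/net/nf_conntrack (the older /proc/net/ip_conntrack has the same fields without the leading `ipv4 2`); the sample lines and the 120-second threshold are constructed.

```python
import os

# Constructed sample in /proc/net/nf_conntrack format; all addresses are documentation ranges.
SAMPLE = """\
ipv4     2 tcp      6 431990 ESTABLISHED src=192.168.1.10 dst=198.51.100.20 sport=34512 dport=1863 src=198.51.100.20 dst=203.0.113.5 sport=1863 dport=34512 [ASSURED] mark=0 use=1
ipv4     2 tcp      6 95 ESTABLISHED src=192.168.1.11 dst=198.51.100.20 sport=40110 dport=1863 src=198.51.100.20 dst=203.0.113.5 sport=1863 dport=40110 [ASSURED] mark=0 use=1
ipv4     2 udp      17 12 src=192.168.1.12 dst=198.51.100.53 sport=5353 dport=53 [UNREPLIED] src=198.51.100.53 dst=203.0.113.5 sport=53 dport=5353 mark=0 use=1
ipv4     2 tcp      6 40 TIME_WAIT src=192.168.1.10 dst=198.51.100.80 sport=51000 dport=80 src=198.51.100.80 dst=203.0.113.5 sport=80 dport=51000 [ASSURED] mark=0 use=1
"""

def parse_entry(line):
    """Return protocol, remaining timeout, TCP state and original-direction tuple of one entry."""
    tok = line.split()
    if tok and tok[0] in ("ipv4", "ipv6"):  # nf_conntrack prefixes the L3 protocol name and number
        tok = tok[2:]
    if len(tok) < 4 or not tok[2].isdigit():
        return None
    state = tok[3] if "=" not in tok[3] else None  # only some protocols (TCP) carry a state word
    orig = {}
    for t in tok[3:]:
        if "=" in t:
            key, val = t.split("=", 1)
            orig.setdefault(key, val)  # first src/dst/dport seen = original (pre-NAT) direction
    return {"proto": tok[0], "ttl": int(tok[2]), "state": state,
            "src": orig.get("src"), "dst": orig.get("dst"), "dport": orig.get("dport")}

def expiring_soon(entries, within_s):
    """Established TCP flows whose mapping is dropped within `within_s` seconds unless traffic refreshes it."""
    hits = [e for e in entries
            if e["proto"] == "tcp" and e["state"] == "ESTABLISHED" and e["ttl"] < within_s]
    return sorted(hits, key=lambda e: e["ttl"])

if __name__ == "__main__":
    live = "/proc/net/nf_conntrack"  # readable by root on the NAT box; otherwise use the sample
    text = open(live).read() if os.access(live, os.R_OK) else SAMPLE
    entries = [e for e in map(parse_entry, text.splitlines()) if e]
    for e in expiring_soon(entries, 120):  # 120 s is a constructed threshold
        print(f"{e['src']} -> {e['dst']}:{e['dport']} expires in {e['ttl']}s")
    base = "/proc/sys/net/netfilter/nf_conntrack_"
    if os.path.exists(base + "count") and os.path.exists(base + "max"):
        used, cap = (int(open(base + n).read()) for n in ("count", "max"))
        print(f"conntrack table: {used}/{cap} entries ({used / cap:.0%} full)")
```

A long-lived client connection that keeps appearing in the first list just before users report a disconnect points at the idle timeout; a table that sits near 100% full points at the connection limit.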