Full Disclosure mailing list archives
Re: NAT router inbound network traffic subversionouter inbound network traffic subversion
From: mega <megaboy () libero it>
Date: Fri, 28 Jan 2005 17:49:14 +0100
You said: HOW IS THIS NOT USER INTERACTION?!?!? I asked if there is a computer on the internal network that doesn't do anything -- that means SENDING NO PACKETS to the router - If my english's not so bad,i think: "Somebody already answered:"
Now, I wouldn't place all my bets on his answer and I am calling on someone out there to clear up my question. If NAT really does only allow inbound connections with a preliminary request as he suggests, it seems that the only way to get an "unauthorized" packet behind the router is by some flaw in the firmware of the device.If you are not offering any services to the Internet, yes. If you are, then you have ports open on the router, redirecting to real machines, which may be running software which can be exploited.Now, I wouldn't place all my bets on his answer and I am calling on someone out there to clear up my question. If NAT really does only allow inbound connections with a preliminary request as he suggests, it seems that the only way to get an "unauthorized" packet behind the router is by some flaw in the firmware of the device.
*If you are not offering any services to the Internet, yes. If you are, then you have ports open on the router, redirecting to real machines, which may be running software which can be exploited.*
However ... i'm reading on an italian e-zine an article sentencing that: NAT is not a security feature.Sorry, it's in italian and don't have time to translate it. It explain some way to pass a router's NAT... maybe you can translate it using some net translator or better finding an english version of that.
Here you are, however: http://www.s0ftpj.org/bfi/dev/BFi13-dev-17 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: NAT router inbound network traffic subversionouter inbound network traffic subversion mega (Jan 28)