Penetration Testing mailing list archives
RE: attack on a computer behind a nat.
From: "Alex Eden" <Alex.Eden () senet-int com>
Date: Tue, 9 Sep 2008 15:05:22 -0400
Hypothetically it is possible, even though difficult in reality. Try to scan it with nmap first using "-g" switch - let's say firewall is not very good at maintaining sessions, and you can fool it into thinking that your traffic is response to that desktop's DNS query, or response to desktop's http request.... Once you able to scan, think of a way to send your payload/exploit using same approach. Eventually you will need a reverse shell. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Michael Kitange Sent: Tuesday, September 09, 2008 2:08 AM To: pen-test () securityfocus com Subject: attack on a computer behind a nat. hi, list. is there any way to send an attack to a computer behind a nat box? possibly modify a packet header, i know the ip that the computer is using behind the nat. any help is appreciated. -- Sent from Gmail for mobile | mobile.google.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- attack on a computer behind a nat. Michael Kitange (Sep 09)
- Re: attack on a computer behind a nat. fleetscribbler () socket net (Sep 09)
- RE: attack on a computer behind a nat. Alex Eden (Sep 09)
- Re: attack on a computer behind a nat. Mark Owen (Sep 09)
- attack on a computer behind a nat. Michael Kitange (Sep 09)
- Re: attack on a computer behind a nat. Krugger (Sep 10)
- Re: attack on a computer behind a nat. David Howe (Sep 10)
- Re: attack on a computer behind a nat. Shreyas Zare (Sep 12)
- Re: attack on a computer behind a nat. David Howe (Sep 12)
- Re: attack on a computer behind a nat. Mark Owen (Sep 09)
- <Possible follow-ups>
- Re: attack on a computer behind a nat. Christian Eric EDJENGUELE (Sep 09)
- Re: attack on a computer behind a nat. publists (Sep 12)