Penetration Testing mailing list archives
Re: attack on a computer behind a nat.
From: publists () enablesecurity com
Date: 11 Sep 2008 12:16:18 -0000
Most of the replies to this thread focused on forging of packets and so on. If what you want is to attack a computer behind NAT, then I suggest that you look at how real attackers do it. Many home networks or small businesses are behind NAT yet they still have plenty of security incidents, and the attackers almost never (to my knowledge) forge packets in order to gain access. Instead they either bounce off an internet facing service (as someone else mentioned) - like some remote access service, or hack the client. Client-side attacks are the most effective way of breaking through, and is what is being done in order to break into such networks. Therefore, I suggest that you take this approach if it is possible. Of course it always depends on the scope of your penetration test. Hope this helps Sandro Gauci http://enablesecurity.com/ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- attack on a computer behind a nat. Michael Kitange (Sep 09)
- Re: attack on a computer behind a nat. fleetscribbler () socket net (Sep 09)
- RE: attack on a computer behind a nat. Alex Eden (Sep 09)
- Re: attack on a computer behind a nat. Mark Owen (Sep 09)
- attack on a computer behind a nat. Michael Kitange (Sep 09)
- Re: attack on a computer behind a nat. Krugger (Sep 10)
- Re: attack on a computer behind a nat. David Howe (Sep 10)
- Re: attack on a computer behind a nat. Shreyas Zare (Sep 12)
- Re: attack on a computer behind a nat. David Howe (Sep 12)
- Re: attack on a computer behind a nat. Mark Owen (Sep 09)
- <Possible follow-ups>
- Re: attack on a computer behind a nat. Christian Eric EDJENGUELE (Sep 09)
- Re: attack on a computer behind a nat. publists (Sep 12)