mailing list archives
Re: detecting multihomed host
From: alexander lind <malte () webstay org>
Date: Fri, 1 Aug 2008 21:23:49 -0700
On Aug 1, 2008, at 8:47 PM, K K wrote:
On 7/14/08, alexander lind <malte () webstay org> wrote:
Say that someone on the outside knows all of my 20 IP addresses. Is
any way that this person could detect that all 20 of these IP
bound to my one machine inside my network?
Yes, there are ways, some easier than others.
Look at the various papers on enumerating hosts behind a NAT gateway,
think of this as a sort of backwards variation on that question.
I have read up on what I could find about this, and it seems to me
that the only really generic techniques to enumerate hosts behind the
NAT relies on looking at the TTL field in the TCP packet. OpenBSDs PF
can reset and/or randomize this field with its 'scrub' directive, so
it seems to me this vulnerability would be blocked.
If you know of any other ways to detect a multihomed host behind a
NAT, can you give me any other hints for what to google on?
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com