Penetration Testing
mailing list archives
Re: attack on a computer behind a nat.
From: David Howe <DaveHowe.Pentest () googlemail com>
Date: Wed, 10 Sep 2008 10:23:02 +0100
Mark Owen wrote:
> Only problem with that is the firewall/router/nat won't be expecting a
> result from your IP address and will drop it as it would have no idea
> what computer behind the nat to forward it to. If there is no
> underlying session, there is no communication.

Most nats, particularly for udp, aren't that smart. They will accept a
packet "to" the natted outside IP+port and forward it to the internal
host. There are nat2nat session proxy servers that take advantage of
that - they accept two connections (from a:aport and b:bport) and tell
"a" to connect to b:bport and "b" to connect to a:aport. Mostly, this works.
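
The filtering behaviour discussed in this exchange, as an added example that is not part of the original thread: a toy model of a NAT's UDP table using the filtering terms from RFC 4787, showing which setting forwards a packet from a remote the internal host never contacted. It assumes the NAT reuses one public port per internal endpoint; all addresses are constructed documentation-range values.

```python
from dataclasses import dataclass, field

# Filtering behaviours, named as in RFC 4787
EIF, ADF, APDF = "endpoint-independent", "address-dependent", "address-and-port-dependent"

@dataclass
class Nat:
    public_ip: str
    filtering: str
    next_port: int = 40000
    mappings: dict = field(default_factory=dict)   # public port -> internal (ip, port)
    contacted: dict = field(default_factory=dict)  # public port -> remotes sent to

    def outbound(self, src, dst):
        """Internal src sends UDP to dst; return the public endpoint dst sees."""
        port = next((p for p, s in self.mappings.items() if s == src), None)
        if port is None:                       # first packet creates the mapping
            port, self.next_port = self.next_port, self.next_port + 1
            self.mappings[port] = src
            self.contacted[port] = set()
        self.contacted[port].add(dst)
        return (self.public_ip, port)

    def inbound(self, remote, public_port):
        """Return the internal endpoint the packet reaches, or None if dropped."""
        internal = self.mappings.get(public_port)
        if internal is None:
            return None                        # no session at all: always dropped
        seen = self.contacted[public_port]
        if self.filtering == EIF:
            ok = True                          # any remote may use the mapping
        elif self.filtering == ADF:
            ok = remote[0] in {ip for ip, _ in seen}
        else:
            ok = remote in seen                # exact IP:port must have been contacted
        return internal if ok else None

def unsolicited_reaches_host(filtering):
    """Host has one outbound flow; a different remote then sends to its mapping."""
    nat = Nat("198.51.100.1", filtering)
    _, port = nat.outbound(("10.0.0.5", 5000), ("203.0.113.10", 53))
    return nat.inbound(("192.0.2.99", 4444), port) is not None

def rendezvous(filt_a, filt_b):
    """Server tells a and b each other's public endpoint; both then send directly."""
    server = ("203.0.113.10", 3478)
    nat_a, nat_b = Nat("198.51.100.1", filt_a), Nat("198.51.100.2", filt_b)
    a, b = ("10.0.0.5", 5000), ("192.168.1.7", 6000)
    pub_a, pub_b = nat_a.outbound(a, server), nat_b.outbound(b, server)
    nat_a.outbound(a, pub_b)                   # a's first packet may be dropped at nat_b
    b_to_a = nat_a.inbound(nat_b.outbound(b, pub_a), pub_a[1])
    a_to_b = nat_b.inbound(nat_a.outbound(a, pub_b), pub_b[1])
    return b_to_a == a and a_to_b == b
```

In this model only endpoint-independent filtering forwards the unsolicited packet, while the rendezvous exchange succeeds even under the strictest filtering because each side's own outbound packet opens the filter for its peer.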