|
Penetration Testing
mailing list archives
Re: attack on a computer behind a nat.
From: publists () enablesecurity com
Date: 11 Sep 2008 12:16:18 -0000
Most of the replies to this thread focused on forging of packets and so on.
If what you want is to attack a computer behind NAT, then I suggest that you look at how real attackers do it. Many
home networks or small businesses are behind NAT yet they still have plenty of security incidents, and the attackers
almost never (to my knowledge) forge packets in order to gain access. Instead they either bounce off an internet facing
service (as someone else mentioned) - like some remote access service, or hack the client.
Client-side attacks are the most effective way of breaking through, and is what is being done in order to break into
such networks. Therefore, I suggest that you take this approach if it is possible. Of course it always depends on the
scope of your penetration test.
Hope this helps
Sandro Gauci
http://enablesecurity.com/
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- Re: attack on a computer behind a nat., (continued)
Re: attack on a computer behind a nat. Christian Eric EDJENGUELE (Sep 09)
Re: attack on a computer behind a nat. publists (Sep 12)
|
Intro
