Re: NAT Challenge

Forums » Up and Running » Security » Security » El Cheapo Router Challenge


Share Topic:	RSS topic:	toggle: flat / full normal / watch	Posting:	Post a:	Post a:

Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal

FoxTrot Cartoon on spam... »
« Weird Download Popup

Gelroos
Mad Mage
Premium
join:2003-05-23
Wilmington, DE

Bahh, Daniel that's cheatin'

Seriously while I would agree that some outbound traffic would be classified as "typical", this "mythical" NAT-transversal attack (sounds nice at least) should work whether someone is sending packets outbound (hence having at least "something" in the tables) or the connect is idle. I've "heard" that people can do this, I've never seen proof...I'd like to see some of the people who have said it is possible do this, and then explain to me HTH they did it.
--
The tree of liberty must be refreshed from time to time with the blood of patriots & tyrants. It is it's natural manure.The "Tree of Liberty" letter From Thomas Jefferson to William Smith

permalink · 2005-10-27 15:15:57 · Print ·

B Premium,MVM join:2000-10-28	Re: NAT Challenge Well yeah, but the cool part of the challenge should be that the leet hackerz don't have to reveal how they did it -- all they have to do is... do it! We don't want to give them any excuse not to demonstrate their leetitude. -- B -- In a realm outside causality and function
	permalink · 2005-10-27 15:36:37 ·

Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB

·Shaw

Re: NAT Challenge

said by B

:

Well yeah, but the cool part of the challenge should be that the leet hackerz don't have to reveal how they did it -- all they have to do is... do it!

If requested I would be happy to keep the attack technique confidential except for the fact that it worked, what ever it takes to prove or disprove how safe NAT devices are, as that is ultimate goal of this challenge.

Blake
--
Vendor: Firewall Logging Software »www.SonicLogger.com - SonicWall and 3Com »www.LinkLogger.com - Linksys, Netgear and Zyxel

permalink · 2005-10-27 15:51:18 · Print ·

Gelroos Mad Mage Premium join:2003-05-23 Wilmington, DE	Re: NAT Challenge Well if you are going to be so considerate LL, All you have to do is go to a specified URL running a specified browser and click on a specified link...Then click the run button
	permalink · 2005-10-27 15:53:14 ·

Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB

·Shaw

Re: NAT Challenge

said by Gelroos

:

Well if you are going to be so considerate LL, All you have to do is go to a specified URL running a specified browser and click on a specified link...Then click the run button

Is that all you want me to do?? I'm at a client site right now (largest bank in the world) but I'd gladly do that for you right now as I'm logged on to the top level domain server which has all the transfer accounts and such on it so it shouldn't be a problem to do your quick test right away

Blake
--
Vendor: Firewall Logging Software »www.SonicLogger.com - SonicWall and 3Com »www.LinkLogger.com - Linksys, Netgear and Zyxel

permalink · 2005-10-27 16:50:06 · Print ·

ntguru911 join:2001-03-26 Powell, OH	Re: NAT Challenge I'm not sure if you're serious about working for a very large bank or not but if you are shouldn't we be using the correct terminology--PAT (port address translation)which is what all these devices are, at least in default out-of-the-box configuration?
	permalink · 2005-10-28 14:27:54 ·

your comment..

Forums » Up and Running » Security » Security	FoxTrot Cartoon on spam... » « Weird Download Popup


Friday, 04-Dec 02:10:59	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF