Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » El Cheapo Router Challenge
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
FoxTrot Cartoon on spam... »
« Weird Download Popup  
AuthorAll Replies


Daniel
Premium,MVM
join:2000-06-26
Pleasanton, CA
clubs:

reply to Link Logger
Re: NAT Challenge

said by Link Logger See Profile :

said by Daniel See Profile :

Can we have you surf and such while we try? I've wanted to do some of this testing for quite a while anyway.
When do you want to do it and do you have a preference as to which NAT device? Would I be surfing to your site, or just surfing in general?
I'm not sure what they paramaters would be, but no, it wouldn't be to a site I own. The idea would be to try and ride back through entries in your NAT table. I'm not saying I could do this, or that it can be done, but I don't see it as impossible.

As for whether or not someone could get packets into a modern SOHO router that doesn't have anything in the NAT table -- that I'd rate as highly unlikely.

But yeah, I think we should explore this for real this time. Many of us here have wanted to for a while now; we should just go ahead and do it. Let's set up a time to meet in #ATU or something.
--
dmiessler.com -- grep understanding knowledge
to forum · permalink · · 2005-10-27 17:29:19 · Reply to this

B
Premium,MVM
join:2000-10-28


A variation to a site you own would probably be good too -- the attack could involve an HTML e-mail message with links back to an image at your site -- the image retrieval would alert you to the target's presence (and presumably NAT table state).

Stretching the definition of "unsolicited" I realize, but...

-- B
--
In a realm outside causality and function
to forum · permalink · · 2005-10-27 17:33:08 · Reply to this


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
·Shaw

reply to Daniel
That sounds fair. Try scanning the 'El Cheapo NAT Router' and see if you can determine what ports are being used and if that doesn't work I'll tell you what ports are being used so we don't waste too much time on detection and can focus on exploitation.

Blake
--
Vendor: Firewall Logging Software »www.SonicLogger.com - SonicWall and 3Com »www.LinkLogger.com - Linksys, Netgear and Zyxel
to forum · permalink · · 2005-10-27 17:35:45 · Reply to this
Forums » Up and Running » Security » SecurityFoxTrot Cartoon on spam... »
« Weird Download Popup  

Wednesday, 09-Dec 23:59:00 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [200] Sprint Sued For Distracted Driving Death
· [109] AT&T Launching New 24 Mbps U-Verse Tier
· [82] 3G Network Test Says AT&T Is Tops
· [72] Mediacom Unveils 105 Mbps Pricing
· [66] Sprint Poised For A Turnaround?
· [65] WPA Cracker: Test WPA-PSK Networks In 20 Minutes
· [60] AT&T Hints At Usage-Based iPhone Data Pricing
· [51] The Future Of Wi-Fi Is Bright
· [47] Site Leaks Yahoo, Verizon Fed Data Share Pricing
· [44] Microwaving Your Innards Is Not 'Extreme'
Most people now reading
· Hot Girl falls face first down stairs [56k Lookout (Broadband Heavy)]
· ICC strats [World of Warcraft]
· Cross Server Dungeon Experience [World of Warcraft]
· Adobe Flash Player version 10.0.42.34 [Security]
· Windows 7 boot manager editing questions [Microsoft Help]
· RG Firmware update to VDSL2 this morning [AT&T U-verse]
· Official "Invite" thread Part 3 - ALL INVITES GO HERE ! [Filesharing Software]
· HOA Headaches [General Questions]