[Full-Disclosure] Re: NAT router inbound network traffic subversionouter inbound network traffic subversion

[mega <megaboy@xxxxxxxxx>]

You said:
HOW IS THIS NOT USER INTERACTION?!?!?  I asked if there is a computer on
the internal network that doesn't do anything -- that means SENDING NO
PACKETS to the router -



If my english's not so bad,i think:

"Somebody already answered:"

> > Now, I wouldn't place all my bets on his answer and I am calling on
> > someone out there to clear up my question.  If NAT really does only
> > allow inbound connections with a preliminary request as he suggests, it
> > seems that the only way to get an "unauthorized" packet behind the
> > router is by some flaw in the firmware of the device.
>
>
> If you are not offering any services to the Internet, yes. If you are, 
> then you have ports open on the router, redirecting to real machines, 
> which may be running software which can be exploited.
> Now, I wouldn't place all my bets on his answer and I am calling on
> someone out there to clear up my question.  If NAT really does only
> allow inbound connections with a preliminary request as he suggests, it
> seems that the only way to get an "unauthorized" packet behind the
> router is by some flaw in the firmware of the device.


*If you are not offering any services to the Internet, yes. If you are, 
then you have ports open on the router, redirecting to real machines, 
which may be running software which can be exploited.*


However ... i'm reading on an italian e-zine an article sentencing that:
NAT is not a security feature.
Sorry, it's in italian and don't have time to translate it. It explain 
some way to pass a router's NAT... maybe you can translate it using some 
net translator or better finding an english version of that.
Here you are, however: http://www.s0ftpj.org/bfi/dev/BFi13-dev-17

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html