|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: David Howe (DaveHowe.Pentest
googlemail.com)
Date: Wed Sep 10 2008 - 04:23:02 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mark Owen wrote:
> Only problem with that is the firewall/router/nat won't be expecting a
> result from your IP address and will drop it as it would have no idea
> what computer behind the nat to forward it to. If there is no
> underlying session, there is no communication.
Most nats, particularly for udp, aren't that smart. they will accept a
packet "to" the natted outside IP+port and forward it to the internal
host. There are nat2nat session proxy servers that take advantage of
that - they accept two connections (from a:aport and b:bport) and tell
"a" to connect to b:bport and "b" to connect to a:aport. Mostly, this works.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]