February 20th, 2002, 11:16 PM
Network Address Translation >> NAT
I am trying to figure out how to get through NAT being used on my network from the outside. It does not have a firewall and I want to learn how this is done. I would appreciate if anybody can point me in the right direction to figure this out.
February 20th, 2002, 11:28 PM
go check my post in your other thread and see if that helps.
February 20th, 2002, 11:29 PM
I am trying to from the internet in to the network not out from the network.
February 20th, 2002, 11:57 PM
Are you asking how you can allow traffic traffic originating from the outside to reach a resource on the inside?
or, are you asking how someone might penetrate nat to compromise a machine on the inside?
If it is the first, it depends on what is doing your nat.
If it is the second in theory you cant, unless specific redirections have been set up on whatever is running the nat.
Problem is, unless specific redirections have been set up, the nat router would not have any idea where to send the traffic, it could potentially have 253 other hosts on its subnet...
Of course, if you were to compromise the router/firewall which is providing nat you would be able to get in.
I suppose it might be possible if you were to spoof packets so that the sending address appears to the nat device to be originating on the inside, however, most firewalls/nat devices are now capable of figuring out that packets from an supposedly "internal" address should not be recieved on the external interface and drop them. If they did get through though, you would never recieve any packets in return.....
Back to what I said above, you would have to exploit the specific type of nat router somehow.
Maybe I'm wrong, but I dont think so.