Re: testing for IP address space leakage in NAT systems
From: Gamble (a629w@unb.ca)Date: 01/22/02
- Previous message: Thomas Reinke: "Re: testing for IP address space leakage in NAT systems"
- In reply to: R P G: "testing for IP address space leakage in NAT systems"
- Next in thread: Iván Arce: "Re: testing for IP address space leakage in NAT systems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 21 Jan 2002 19:04:24 -0400 (AST) From: Gamble <a629w@unb.ca> To: R P G <inittab@jtan.com>
On Mon, 21 Jan 2002, R P G wrote:
> I was wondering if anyone knows of a method to test a NAT system for
> address space leakage.
>
> Thanks.
>
> --Bob
>
The easiest way to do this is try a zone transfer (host -l abc.com). If
the DNS servers are not set up correctly, you have a good shot at having a
list of the internal machines. Also, sometimes if you traceroute to a
machine, you will get the internal IP of the gateway, which might be of
use. SNMP might also be good to you and give you a few internal IP's, but
there is a very good chance that the firewall will block SNMP, but you
might get lucky.
I havn't heard of any specific tools to tast for leaks, and from what I
have seen in the past, the best method is to query the various network
servers which are known to give away network information.
-- Jamie
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Thomas Reinke: "Re: testing for IP address space leakage in NAT systems"
- In reply to: R P G: "testing for IP address space leakage in NAT systems"
- Next in thread: Iván Arce: "Re: testing for IP address space leakage in NAT systems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
