Re: attack on a computer behind a nat.

Most of the replies to this thread focused on forging of packets and so on.

If what you want is to attack a computer behind NAT, then I suggest that you look at how real attackers do it. Many home networks or small businesses are behind NAT yet they still have plenty of security incidents, and the attackers almost never (to my knowledge) forge packets in order to gain access. Instead they either bounce off an internet facing service (as someone else mentioned) - like some remote access service, or hack the client.

Client-side attacks are the most effective way of breaking through, and is what is being done in order to break into such networks. Therefore, I suggest that you take this approach if it is possible. Of course it always depends on the scope of your penetration test.

Hope this helps

Sandro Gauci

This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

Relevant Pages

  • [SOLVED] Re: UDP multicast packets not seen on listening interface in BETA5
    ... I'm sorry for so many replies to my own thread here, ... I was not properly joining the ... Where is one of the aliased IPs on fxp0, ... ok with nat'ing the packets for now to make it work. ...
  • Re: ping claims lost packets
    ... > row results in lost packets from ping's point of view, ... > kernel is getting the echo replies back. ... > and stopping and restarting ping, often results in the stated behavior. ...
  • Re: Network Monitor
    ... Got me - and in any case this utility only captures packets, ... need a Server copy of Windows to load and analyze the packets captured. ... >> * PLEASE post all messages and replies in the newsgroups ...
  • Re: LCP replies lost?
    ... That's a good indication that the packets are garbled in transit. ... Debugging this depends a bit on which OS you're using. ... something wrong with replies -- is there any way to check this? ... This is a low-level driver problem ... ...
  • Re: interesting traffic
    ... | packets in those ranges as being replies to something your systems sent ... On my home firewall, ... | UDP to those ports for several years now. ... | as they can't be valid replies to anything we've sent out. ...