RE: NAT/PAT (Hide NAT) Vulnerabilities?

From: Ray (rayw@fuckmicrosoft.com)
Date: 12/15/01 

Date: Fri, 14 Dec 2001 20:23:56 -0600
From: Ray <rayw@fuckmicrosoft.com>
To: SecurityBasics <security-basics@securityfocus.com>

Howdy,

I have never seen PAT described in an RFC to date. Could someone point me in
the right
direction with this outside of a Cisco website? Or is this really a
"standardized" acronym?

Ray

-----Original Message-----
From: Paul Leroy [mailto:paulle@is.co.za]
Sent: Friday, December 14, 2001 12:56 AM
To: 'Reaves, Timothy CECOM RDEC STCD JANUS'; SecurityBasics
Subject: RE: NAT/PAT (Hide NAT) Vulnerabilities?

Hi,

PAT is Port Address Translation, it is also called NAT overload. Instead of
mapping internal IPs to external IPs, it maps internal IPs to external
source ports. This means that only one IP (that of the outside interface of
the PAT device) is seen by the outside world. This also increases the number
of concurrent connections to roughly 64000 instead of just the size of the
outside IP pool.

Hope that helps

Regards,

Paul Leroy

-----Original Message-----
From: Reaves, Timothy CECOM RDEC STCD JANUS
[mailto:Timothy.Reaves@mail1.monmouth.army.mil]
Sent: 12 December 2001 08:26
To: SecurityBasics
Subject: RE: NAT/PAT (Hide NAT) Vulnerabilities?

could someone please explain PAT?

Thanks

"This e-mail may contain confidential information and may be legally
privileged and is intended only for the person to whom it is addressed. If
you are not the intended recipient, you are notified that you may not use,
distribute or copy this document in any manner whatsoever. Kindly also
notify the sender immediately by telephone, and delete the e-mail. When
addressed to clients of the company from where this e-mail originates ("the
sending company ") any opinion or advice contained in this e-mail is subject
to the terms and conditions expressed in any applicable terms of business or
client engagement letter . The sending company does not accept liability for
any damage, loss or expense arising from this e-mail and/or from the
accessing of any files attached to this e-mail."

Relevant Pages

  • Re: NAT/PAT (Hide NAT) Vulnerabilities?
    ... >> PAT is Port Address Translation, it is also called NAT overload. ... >> mapping internal IPs to external IPs, it maps internal IPs to external ... >> to the terms and conditions expressed in any applicable terms of business ... The sending company does not accept liability ...
    (Security-Basics)
  • Re: NAT/PAT (Hide NAT) Vulnerabilities?
    ... Subject: NAT/PAT Vulnerabilities? ... > I have never seen PAT described in an RFC to date. ... > PAT is Port Address Translation, it is also called NAT overload. ... The sending company does not accept liability ...
    (Security-Basics)
  • RE: NAT/PAT (Hide NAT) Vulnerabilities?
    ... PAT is Port Address Translation, it is also called NAT overload. ... mapping internal IPs to external IPs, it maps internal IPs to external ...
    (Security-Basics)
  • Need help with PAT & Firewall
    ... I'm in the midst of a BGP configuration and would like to change how ... Right now the firewall PAT's all of our ... I'd like to have the firewall PAT all ... of our internal IPs to 2 different IPs on different networks. ...
    (comp.security.unix)