RE: Network Address Translation insecurities

From: Schuler, Jeff (Jeff.Schuler@hit.cendant.com)
Date: 09/25/02


From: "Schuler, Jeff" <Jeff.Schuler@hit.cendant.com>
To: security-basics@securityfocus.com
Date: Wed, 25 Sep 2002 14:18:37 -0700

Point well taken... let me refine this request a bit further. I understand
that there are inherent risks internally.

What I am specifically looking for is external ways to defeat, obsfucate, or
otherwise circumvent NAT and gain access to internal systems.

Thanks for the input
Jeff

-----Original Message-----
From: Kline, Nathan C - CICT-2 [mailto:nckline@bpa.gov]
Sent: Wednesday, September 25, 2002 1:47 PM
To: 'Schuler, Jeff'; security-basics@securityfocus.com
Subject: RE: Network Address Translation insecurities

How about the fact that an attack can come from inside your firewall? You
should be doing vulnerability testing for both internal and external
attacks. All NAT is going to do is protect your internal IP addresses from
externally being gathered. Once the intruders are internal to your network,
however, NAT is not longer a good protective device.
--Nathan

-----Original Message-----
From: Schuler, Jeff [mailto:Jeff.Schuler@hit.cendant.com]
Sent: Wednesday, September 25, 2002 10:17 AM
To: security-basics@securityfocus.com
Subject: Network Address Translation insecurities

I am looking for information regarding the insecurities and vulnerabilities
that exist in Network Address Translation. One of our admins feels that
because everything is NAT'd that there is no way anyone can break into the
systems that are NAT'd. I know that this is not a completely accurate
statement but need to find some research and documentation regarding this.
All our systems are behind at least one firewall so please don't advise me
to install a firewall as extra security as they are already there. I just
want to make sure that we are not overlooking serious vulnerabilities just
because the box is behind a NAT. In order to justify doing vulnerability
testing on some of our internal systems I need to demonstrate the
insecurities in NAT.

Thanks in advance

Jeff Schuler



Relevant Pages

  • [NT] CitectSCADA ODBC Service Vulnerability
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... are distributed in over 80 countries through a network of more than 500 ... A vulnerability was found in CitectSCADA that could allow a remote ...
    (Securiteam)
  • [Full-disclosure] Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulner
    ... Cisco Security Advisory: Cisco IOS Software Network Address ... The Cisco IOS Software network address translation (NAT) feature ... advisory addresses a vulnerability in Cisco Unified Communications ...
    (Full-Disclosure)
  • Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities
    ... Cisco Security Advisory: Cisco IOS Software Network Address ... The Cisco IOS Software network address translation (NAT) feature ... advisory addresses a vulnerability in Cisco Unified Communications ...
    (Bugtraq)
  • Re: XP Home: selective folder sharing
    ... >same would hold for any wireless connection. ... Explaining bridges vs NAT is not easy. ... network are visible to all other components on each network. ... With a bridge (if Falcon-II is providing one), ...
    (microsoft.public.windowsxp.network_web)
  • Re: XP Home: selective folder sharing
    ... > Explaining bridges vs NAT is not easy. ... > network are visible to all other components on each network. ... > With a bridge (if Falcon-II is providing one), ... > For protection inside the NAT router, ...
    (microsoft.public.windowsxp.network_web)