Re: Systems behind NAT - port scanning etc.
From:Date: 10/29/02
- Next message: : "VPN, Road Warriors, and Nat question"
- Previous message: craig: "NetBEUI and security"
- In reply to: Melinda Shore: "Re: Systems behind NAT - port scanning etc."
- Next in thread: leemer: "Re: Systems behind NAT - port scanning etc."
- Reply: leemer: "Re: Systems behind NAT - port scanning etc."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 29 Oct 2002 14:29:18 -0800
shore@panix.com (Melinda Shore) wrote in message news:<apktdc$6vk$1@panix2.panix.com>...
> In article <n7mv9.44784$Ik.1041720@typhoon.sonic.net>,
> leemer <kcirelli@powernetworks.biz> wrote:
> >To access a currently established session and "inject" internally
> >addressed(spoofed) packets and have them actually get to where you want them
> >to go..(and have them come back to you at an external location) ..there's
> >this really tricky thing to guess called tcp sequence numbers. They are
> >almost impossible to guess.
>
> Depends on the operating system. Aside from that, a DoS
> attack, which is far, far more common than a connection
> hijacking or spoofing attack, doesn't require getting a
> response back from the attackee.
Interesting thread I've started! Just to help things along, I was
referring to dynamic NAT. In my situation, there may be one static
translation required (to be decided) but for the most part it's just
ordinary hosts accessing web sites etc.
So I'll take it from the posts so far that dynamic NAT does still
constitute a worthwile security layer.
Thanks
Craig
- Next message: : "VPN, Road Warriors, and Nat question"
- Previous message: craig: "NetBEUI and security"
- In reply to: Melinda Shore: "Re: Systems behind NAT - port scanning etc."
- Next in thread: leemer: "Re: Systems behind NAT - port scanning etc."
- Reply: leemer: "Re: Systems behind NAT - port scanning etc."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
