Originally posted by: spidey07
IDS sensors can be configured to detect them and shut down or shun the port.
In a large campus network you would have IDS sensors at each IDF or building watching anything to/from the individual building subnets.
But how exactly does IDS figure out if a packet is coming behind a NAT box or not?