• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Source routing to defeat Hide-NAT

D

Dooling37

Senior member
I read recently that source routing can be used as a method of defeating Hide-NAT, which typically does not allow inbound access to NAT'd internal systems.
Paraphrased:
"an attacker can generate traffic claiming to be from a system "inside" the firewall, even though the transmitting system is located out on the Internet.. the source routing information would then be used in reverse in order to return the reply to the attacker's machine out on the Internet."
source: http://www.ists.dartmouth.edu/...sroom/firewalls.php#1u

Does this make sense? How does the combination of spoofing one's source address to be an internal IP, and source routing a packet allow inbound access to a Hide-NAT'd system?


Moving to Networking, you should have a better response there. Oakenfold-PC Gaming Mod
 
Spoofing the return address pretty much guarantees you won't see any of the reply packets so your attack has to work blindly and I'd be surprised if any device had source routing enabled by default these days. And on top of those your destination address would like be a RFC1918 address which you hopefully won't be able to route to at all across the Internet.
 
That info seems to be outdated. I did once get a spoofed packet that was addressed to an internal address, and it made it past my SMC router/NAT fireware onto my PC, where my software firewall caught it. It was likely spoofed by another subscriber on the same DSLAM, as I doubt it traversed the internet like that.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top