[clug] How to prevent port forwarding

Kim Holburn kim.holburn at nicta.com.au
Sun Apr 23 04:49:16 GMT 2006


On 2006 Apr 23, at 1:41 PM, steve jenkin wrote:
> I would've thought that devices behind a NAT'ing firewall would be
> invisible by definition:
> - there is no route to them, they are in a private world.
>   The external IP nr of the firewall is the only point that can be
>   reached by tools like traceroute
> - There is no TTL difference.  The firewall does not relay/rewrite
>   by packet, but by connection.
> - There is no host identifier - all internal IP's are mapped onto
>   the one external...

That's true but there are tools that can infer stuff in odd ways from  
the traffic coming from a system.  If you have access to all traffic  
from a site it's even easier.


-- 
Kim Holburn
Security Manager, National ICT Australia Ltd.
Ph: +61 2 61258620 M: +61 417820641  F: +61 2 6230 6121
mailto:kim.holburn at nicta.com.au  aim://kimholburn
skype://kholburn - PGP Public Key on request
Cacert Root Cert: http://www.cacert.org/cacert.crt
Aust. Spam Act: To stop receiving mail from me: reply and let me know.

Use ISO 8601 dates [YYYY-MM-DD] http://www.saqqara.demon.co.uk/datefmt.htm
Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961



