A Technique for Counting NATted Hosts (was Re: [clug] How to prevent port forwarding)

Kim Holburn kim.holburn at nicta.com.au
Sun Apr 23 10:12:04 GMT 2006 

A Technique for Counting NATted Hosts

http://www.cs.columbia.edu/~smb/papers/fnat.pdf


On 2006 Apr 23, at 2:49 PM, Kim Holburn wrote:

>
> On 2006 Apr 23, at 1:41 PM, steve jenkin wrote:
>> I would've thought that devices behind a NAT'ing firewall would be  
>> invisible by definition:
>> - there is no route to them, they are in a private world.
>>  The external IP nr of the firewall is the only point that can be  
>> reached by tools like traceroute
>> - There is no TTL difference.  The firewall does not relay/rewrite  
>> by packet, but by connection.
>> - There is no host identifier - all internal IP's are mapped onto  
>> the one external...
>
> That's true but there are tools that can infer stuff in odd ways  
> from the traffic coming from a system.  If you have access to all  
> traffic from a site it's even easier.
>
>
> -- 
> Kim Holburn
> Security Manager, National ICT Australia Ltd.
> Ph: +61 2 61258620 M: +61 417820641  F: +61 2 6230 6121
> mailto:kim.holburn at nicta.com.au  aim://kimholburn
> skype://kholburn - PGP Public Key on request
> Cacert Root Cert: http://www.cacert.org/cacert.crt
> Aust. Spam Act: To stop receiving mail from me: reply and let me know.
>
> Use ISO 8601 dates [YYYY-MM-DD] http://www.saqqara.demon.co.uk/ 
> datefmt.htm
> Democracy imposed from without is the severest form of tyranny.
>                           -- Lloyd Biggle, Jr. Analog, Apr 1961
>
>
> -- 
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux

-- 
Kim Holburn
Security Manager, National ICT Australia Ltd.
Ph: +61 2 61258620 M: +61 417820641  F: +61 2 6230 6121
mailto:kim.holburn at nicta.com.au  aim://kimholburn
skype://kholburn - PGP Public Key on request
Cacert Root Cert: http://www.cacert.org/cacert.crt
Aust. Spam Act: To stop receiving mail from me: reply and let me know.

Use ISO 8601 dates [YYYY-MM-DD] http://www.saqqara.demon.co.uk/ 
datefmt.htm
Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961

More information about the linux mailing list