I seem to have lost a message where somebody from ISC (Paul?) was going to release an updated/new advisory regarding the source-port de-randomizing effects that many NAT implementations will have upon patched servers.
Many of the folks I'm working with are unconcerned about this problem, because they cannot come up with an attack scenario against a recursive server behind a [NATting] firewall. They are also apparently hearing claims from our firewall vendor (starts with a letter between I and K) that this is not a big deal for servers behind a [their?] firewall. (Were they not invited to The Big Meeting?) Can we get a reading from Those Who Know about how likely it is that BadGuys can trick a client inside such a firewall to facilitate an attack against an internal recursive server (said server can query through the firewall)? Thanks.
