Is it possible to do this routing trick under Windows? Win2K won't let me add a route if the specified gateway is not on the same network segment as the host (at least that's what the error message I get says).

Fred

----- Original Message -----
From: "Graham, Randy (RAW) " <[EMAIL PROTECTED]>
To: "Schuler, Jeff" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, September 26, 2002 9:34 AM
Subject: RE: Network Address Translation insecurities

> I'll answer this by posting a snippet from a post Anders Pettersson made to
> this list just over a month ago (08-14-2002 in US date notation):
>
> ----
> It can not be stressed enough that NAT alone is _no protection at
> all_, there must be some filtering or you are running wide open
> looking for trouble.
>
> By adding a route to the network you can directly reach the machines
> from outside the NAT box, something like[1]
>
> # route add -net 192.168/16 gw 123.123.123.123
>
> would do. Then just ping around to find what hosts are alive...
>
> It is raining on the Internet. Don't leave your house with the windows
> open...
>
> [1] Assuming the corporate LAN uses 192.168.0.0--192.168.255.255 as
> their internal addresses and the gateway's external IP is
> 123.123.123.123.
> ----
>
> In other words, NAT gains you pretty much nothing for security. The
> existence of your network behind a NATting device might not be immediately
> obvious to someone scanning from the outside, but anyone watching traffic
> from your NAT device will be able to figure out pretty easily that there is
> a network behind that one IP address, and if they care to probe to see what
> is there, the NAT does not do much to protect the network.
>
> Randy Graham
>
>
> -----Original Message-----
> From: Schuler, Jeff [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, September 25, 2002 1:17 PM
> To: [EMAIL PROTECTED]
> Subject: Network Address Translation insecurities
>
>
> I am looking for information regarding the insecurities and vulnerabilities
> that exist in Network Address Translation. One of our admins feels that
> because everything is NAT'd that there is no way anyone can break into the
> systems that are NAT'd. I know that this is not a completely accurate
> statement but need to find some research and documentation regarding this.
> All our systems are behind at least one firewall so please don't advise me
> to install a firewall as extra security as they are already there. I just
> want to make sure that we are not overlooking serious vulnerabilities just
> because the box is behind a NAT. In order to justify doing vulnerability
> testing on some of our internal systems I need to demonstrate the
> insecurities in NAT.
>
> Thanks in advance
>
> Jeff Schuler
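
Added example, not part of the original thread: a small Python model of the forwarding decision on a NAT gateway, showing why translation alone does not stop a packet that arrives on the outside interface already addressed to an internal host, and how a filter rule on new inbound connections closes that path. The addresses 192.168.0.0/16 and 123.123.123.123 come from the quoted post; the `wan`/`lan` interface names, the remote host 198.51.100.7, the ports and the class design are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass

INTERNAL_NET = ipaddress.ip_network("192.168.0.0/16")   # LAN range from the post
EXTERNAL_IP = ipaddress.ip_address("123.123.123.123")   # gateway address from the post

@dataclass(frozen=True)
class Packet:
    in_iface: str   # "wan" or "lan" (hypothetical interface names)
    src: str
    dst: str
    sport: int
    dport: int

class NatGateway:
    def __init__(self, filtering: bool):
        self.filtering = filtering
        # (remote_ip, remote_port, nat_port) -> (lan_ip, lan_port)
        self.conntrack = {}

    def outbound(self, pkt: Packet, nat_port: int) -> None:
        """A LAN host opens a connection; record the translation entry."""
        self.conntrack[(pkt.dst, pkt.dport, nat_port)] = (pkt.src, pkt.sport)

    def inbound(self, pkt: Packet) -> str:
        """Decide what happens to a packet arriving on the wan interface."""
        dst = ipaddress.ip_address(pkt.dst)
        if dst == EXTERNAL_IP:
            entry = self.conntrack.get((pkt.src, pkt.sport, pkt.dport))
            if entry:
                return f"DNAT to {entry[0]}:{entry[1]}"
            return "no mapping: handed to the gateway's own stack"
        if dst in INTERNAL_NET:
            # NAT has nothing to translate here; the box acts as a plain router.
            if self.filtering:
                return "DROP (new wan-to-lan connection not permitted)"
            return "FORWARD to lan untranslated"
        return "no route via lan"

def demo():
    # Constructed sample packets, not captured traffic.
    reply = Packet("wan", "198.51.100.7", "123.123.123.123", 443, 40001)
    direct = Packet("wan", "198.51.100.7", "192.168.1.10", 55555, 80)
    results = {}
    for filtering in (False, True):
        gw = NatGateway(filtering)
        gw.outbound(Packet("lan", "192.168.1.10", "198.51.100.7", 51000, 443), nat_port=40001)
        results[filtering] = (gw.inbound(reply), gw.inbound(direct))
    return results
```

In both configurations the reply to the established outbound connection is translated and delivered; only the filtering gateway refuses the packet addressed straight to 192.168.1.10.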