Penetration Testing mailing list archives

Re: Discovering hosts behind NAT


From: Javier Fernandez-Sanguino Peña <jfernandez () sgi es>
Date: Wed, 23 May 2001 09:28:42 +0200


There are two known network devices: a Cisco, which seems totally silent, and a Wellfleet router.



Have you tried SNMP access? First try to check if the SNMP ports (UDP) are open (nmap -sU) and then do a dictionary attack against the router. A common misconfiguration is to have SNMP open to the outside world and with well-known communities.

If so, you could probably get the information the router holds in its internal tables and (maybe) configure it to allow you access to the "hidden" network.

        Javi
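
Seen from the router owner's side, the misconfiguration described in this message can be checked for in a configuration export. The following is an added example, not part of the original message; it assumes Cisco IOS-style `snmp-server community` lines, and the function name, the sample configuration and the short list of well-known communities are constructed for illustration.

```python
import re

# Short illustrative list of well-known community strings (an assumption).
WELL_KNOWN = {"public", "private", "cisco", "admin", "snmp", "monitor"}

# IOS syntax: snmp-server community <string> [view <name>] [ro|rw] [ipv6 <acl>] [<acl>]
LINE_RE = re.compile(r"^\s*snmp-server\s+community\s+(\S+)(.*)$", re.IGNORECASE)

def audit_snmp(config_text):
    """Return one finding dict per 'snmp-server community' line."""
    findings = []
    for line in config_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        community, rest = m.group(1), m.group(2).split()
        access, acl = "ro", None          # IOS grants read-only when ro/rw is omitted
        i = 0
        while i < len(rest):
            tok = rest[i].lower()
            if tok in ("ro", "rw"):
                access = tok
            elif tok in ("view", "ipv6"):
                i += 1                    # skip the view name / IPv6 ACL name
            else:
                acl = rest[i]             # trailing token: IPv4 access-list
            i += 1
        issues = []
        if community.lower() in WELL_KNOWN:
            issues.append("well-known community string")
        if acl is None:
            issues.append("no access-list: answers queries from any source address")
        if access == "rw":
            issues.append("read-write: permits remote reconfiguration")
        findings.append({"community": community, "access": access,
                         "acl": acl, "issues": issues})
    return findings

# Constructed sample configuration, not taken from any real device.
SAMPLE_CONFIG = """\
hostname edge-rtr
snmp-server community public RO
snmp-server community private RW
snmp-server community k3Xq9-mon-7fT view MGMT RO 10
access-list 10 permit 192.0.2.10
"""

if __name__ == "__main__":
    for f in audit_snmp(SAMPLE_CONFIG):
        print(f["community"], f["access"], f["acl"], f["issues"] or "ok")
```

A line that reports no issues still depends on the referenced access-list being restrictive, which this check does not evaluate.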

