Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: testing for IP address space leakage in NAT systems

From: Thomas Reinke <reinke () e-softinc com>
Date: Mon, 21 Jan 2002 16:50:53 -0500
Not reliable, but if there are any accessible web servers
behind the NAT device, check the Content-Location tag. It
may yield non-routable address information.

Statistically, not a good bet - but still, a better than
1 in 20 chance, if the server is IIS, that you will get
non-routable addressing information out of it, and that
the server is giving this information to everyone who
connects to it.
(See
http://www.securityspace.com/s_survey/data/man.200112/firewalled_cloc.html
for stats breakdown)

Thomas

R P G wrote:


I was wondering if anyone knows of a method to test a NAT system for
address space leakage.

Thanks.

--Bob

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: