sipgate drop outs

Ivor Jones wrote:

> I'm not convinced that NAT is 100% effective at hiding a device from
> outside access

Given that the vast majority of people using NAT have just the one public IP
address, how would one gain "outside access" to a NATed device?

--
<http://ale.cx/> (AIM:troffasky) (UnSoEsNpEaTm@ale.cx)
19:49:50 up 17 days, 3:35, 3 users, load average: 3.04, 3.09, 3.09
This is my BOOOOOOOOOOOOOOOOOOOOOMSTICK

On Fri, 10 Nov 2006 19:51:21 +0000, alexd wrote:

> Ivor Jones wrote:
>
>> I'm not convinced that NAT is 100% effective at hiding a device from
>> outside access
>
> Given that the vast majority of people using NAT have just the one public IP
> address, how would one gain "outside access" to a NATed device?

source routing. see
http://www.iss.net/security_center/a...ng/default.htm

--
Ron Wellsted
ron@wellsted.org.uk http://www.wellsted.org.uk
N 52.567623, W 2.137621 Linux Counter No. 202120
FWD:519961

On 2006-11-10, Ron Wellsted <ron@wellsted.org.uk> wrote:

> On Fri, 10 Nov 2006 19:51:21 +0000, alexd wrote:
>
>> Ivor Jones wrote:
>>
>>> I'm not convinced that NAT is 100% effective at hiding a device from
>>> outside access
>>
>> Given that the vast majority of people using NAT have just the one public IP
>> address, how would one gain "outside access" to a NATed device?
>
> source routing. see
> http://www.iss.net/security_center/a...ng/default.htm

Source routing can be disabled on a router or host you control. Also,
the survival of a source routed packet on any extensive journey across the
internet would require ISPs to allow its passage, and many do not.

Brian.