Abstract

NAT traversal techniques allow processes with private, non-routable IP addresses to communicate with other processes outside the secured limits of the network. Techniques such as UDP Hole Punching have been standardized by the IETF, and with tunnels based on those techniques it is easy to allow application processes on top of any transport protocol, including TCP, to both initiate and receive communication with the Internet across NAT devices. However, as a side effect those techniques also pass freely through firewalls. In this work we describe how it is possible to configure any server running on any port (no firewall configuration required) to accept connections initiated by arbitrary Internet clients, making unauthorized services easily available. We also show that the process is lightweight, in particular after the initial setup is concluded, thus supporting virtually any type of unauthorized application.

Highlights

  • Transparency and end-to-end connectivity are two of the basic design principles of the original Internet (GARRETT et al, 2018; SALTZER et al, 1984)

  • We describe a simple NAT traversal approach to allow application processes using any transport protocol to communicate seamlessly across NAT devices and firewalls using IP-over-UDP tunnels

  • We first evaluate the overhead of using NAT traversal on the communication


Summary

Introduction

Transparency and end-to-end connectivity are two of the basic design principles of the original Internet (GARRETT et al, 2018; SALTZER et al, 1984). In this work we discuss the fact that, as a side effect, communication with NAT traversal techniques causes security breaches by freely opening holes in firewalls. By using NAT traversal, any internal host can independently open holes on any port, without any firewall configuration, to provide unauthorized services that can be accessed from the rest of the Internet.
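
The side effect described above can be seen in a small model of a stateful firewall's flow table. This is an added example, not code from the paper: the class and function names, the addresses, and the 30-second idle timeout are constructed assumptions, and address translation is left out so that only the filtering decision is shown.

```python
from dataclasses import dataclass, field

UDP_IDLE_TIMEOUT = 30  # seconds; assumed value, real devices vary

@dataclass(frozen=True)
class Packet:
    proto: str                      # outer transport protocol, all the firewall inspects
    src: tuple                      # (ip, port)
    dst: tuple                      # (ip, port)
    inner: "Packet | None" = None   # encapsulated packet, opaque to the firewall

@dataclass
class StatefulFirewall:
    """Allow all outbound traffic; allow inbound only for tracked flows."""
    flows: dict = field(default_factory=dict)  # (proto, inside, outside) -> last seen

    def outbound(self, pkt, now):
        # Any outbound packet creates or refreshes a flow entry.
        self.flows[(pkt.proto, pkt.src, pkt.dst)] = now
        return True

    def inbound(self, pkt, now):
        # The decision uses outer headers only; pkt.inner is never examined.
        key = (pkt.proto, pkt.dst, pkt.src)
        last = self.flows.get(key)
        if last is None or now - last > UDP_IDLE_TIMEOUT:
            self.flows.pop(key, None)
            return False
        self.flows[key] = now
        return True

def demo():
    fw = StatefulFirewall()
    inside = ("192.0.2.5", 40000)       # internal tunnel endpoint (constructed)
    outside = ("203.0.113.9", 50000)    # external tunnel endpoint (constructed)
    # TCP SYN from an Internet client to an internal service on port 22.
    syn = Packet("tcp", ("203.0.113.9", 51515), ("192.0.2.5", 22))
    results = {}
    results["direct_syn"] = fw.inbound(syn, now=0)          # no state: dropped
    fw.outbound(Packet("udp", inside, outside), now=1)      # internal host opens the flow
    tunneled = Packet("udp", outside, inside, inner=syn)    # same SYN inside UDP
    results["tunneled_syn"] = fw.inbound(tunneled, now=2)   # matches the flow: passes
    stranger = Packet("udp", ("198.51.100.7", 50000), inside, inner=syn)
    results["other_peer"] = fw.inbound(stranger, now=3)     # different peer: dropped
    late = 2 + UDP_IDLE_TIMEOUT + 1
    results["after_idle"] = fw.inbound(tunneled, now=late)  # entry expired: dropped
    return results
```

A rule that blocks inbound TCP port 22 never sees the tunneled SYN, because the firewall's decision is made on the outer UDP header alone.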
