On Mon, 21 Jan 2002, R P G wrote: > I was wondering if anyone knows of a method to test a NAT system for > address space leakage. > > Thanks. > > --Bob > The easiest way to do this is try a zone transfer (host -l abc.com). If the DNS servers are not set up correctly, you have a good shot at having a list of the internal machines. Also, sometimes if you traceroute to a machine, you will get the internal IP of the gateway, which might be of use. SNMP might also be good to you and give you a few internal IP's, but there is a very good chance that the firewall will block SNMP, but you might get lucky. I havn't heard of any specific tools to tast for leaks, and from what I have seen in the past, the best method is to query the various network servers which are known to give away network information. -- Jamie ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue Jan 22 2002 - 11:22:45 PST