DDOS attacks and Large ISPs doing NAT?

• Previous message (by thread): DDOS attacks and Large ISPs doing NAT?
• Next message (by thread): anybody else been spammed by "no-ip.com" yet?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 02 May 2002 11:32:48 PDT, "Mansey, Jon" said:

> As I said, in a NAT'd scenario the IP stack will never see an unsolicited
> request and hence not respond to it.
> 
> The phone side of course will ring when called. Duh.

That's the *point*.

You hand the phone a trojan/virus/whatever when it's making an OUTBOUND
connection on the NAT side (for instance, if the PDA side is checking
mail, feed it a trojaned piece of mail).  You then have the trojan drop
you a note "Oh, and my phone number is XXX-YYYY".

Then, when it's time to attack somebody, you send the phone a page that
tells the trojan "Hey XXX-YYYY, wake up and pound on victim address <whatever>".
With proper encoding of the page, the phone's owner may even just say
"Damn, more <bleeping> Korean spam in characters I can't read", and not notice
that 45 seconds later, the phone starts chirping away by itself....

The point is that you can contact the phone via *non-NAT* means and have it
launch an attack - the fact you can't wake it up via NAT can be worked around.
-- 
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20020502/d47a30a5/attachment.sig>

• Previous message (by thread): DDOS attacks and Large ISPs doing NAT?
• Next message (by thread): anybody else been spammed by "no-ip.com" yet?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]