A Re-examination of Network Address Translation Security
نویسندگان
چکیده
The use of Network Address Translation (NAT) has greatly expanded in recent years. While originally an address management technique it has often been used for security. However, there are many implementations of NAT that are inherently insecure. Recently investigation into some of these has shown increased potential for security holes in NAT deployments. An understanding of the risks associated with NAT and the basic networking topics supporting a research in this area are critical to an information assurance student. This paper describes the basic operation of NAT, outlines one such security problem and its’ mitigation, develops a testing methodology for use in information security curricula and suggests topics to be covered for student success.
منابع مشابه
Security Enhancement by Detecting Network Address Translation Based on Instant Messaging
Detecting network address translation is helpful for network administrators to enhance the network security. Current network address translation detection approaches can not work effectively in all scenarios. In this paper, a new detection scheme ImNatDet utilizing instant messaging information is presented, a case study based on characters of MSN Messenger is analyzed, and related security iss...
متن کاملApplying KT Network Complexity to a Highly-Partnered Knowledge Transfer Effort; Comment on “Using Complexity and Network Concepts to Inform Healthcare Knowledge Translation”
The re-conceptualization of knowledge translation (KT) in Kitson and colleagues’ manuscript “Using Complexity and Network Concepts to Inform Healthcare Knowledge Translation” is an advancement in how one can incorporate implementation into the KT process. Kitson notes that “the challenge is to explain how it might help in the healthcare policy, practice, and research communities.” We propose th...
متن کاملApplication Presence Information based Source Address Transiton Detection for Edge Network Security and Management
Source address transition technologies, such Network Address Translation and Proxy, can be used to provide unauthorized private address space. The source address of packets originated in the private address space will be changed by NAT gateway or proxy server, which is hard for service providers to manage the edge network and trace source of attacks. This paper presents the source address trans...
متن کاملNAT Traversal Capability and Keep-Alive Functionality with IPSec in IKEv2 Implementation
Since IPv4 Private Networks are behind NAT (Network Address Translation) devices. So, to bypass the Binding Update and Binding Acknowledgment by NAT, we need to encapsulate it in UDP (User datagram Protocol) Packets. Hence, the Dual Stack Mobile IPv6 should support NAT Traversal and Detection. So for proper securing and fully functionality of NAT traversal, it should be IP Security Protected. P...
متن کاملApplying Penetration Tests on a Highly Secured Cooperative Network
Security plays a vital role in the design; development and practical use of the distributed computing environment, for greater availability and access to information in turn imply that distributed systems are more prone to attacks. The need for practical solutions for secure networked system management is becoming increasingly significant. Any cooperative network should be supplied with differe...
متن کامل