[TriLUG] reverse ssh through firewall/NAT with a twist
Joseph Mack NA3T
jmack at austintek.com
Sat Nov 15 14:49:00 EST 2014
On Sat, 15 Nov 2014, Bill Farrow wrote:
> Traversing NAT on your firewall is nothing new. Skype does this all the time.
hmm. I didn't know that a NAT router would accept a SYN packet.
http://en.wikipedia.org/wiki/TCP_hole_punching
I thought part of NAT was the security offered by the inability to get to
servers on the inside of the NAT device because it wouldn't accept a SYN packet.
Of course with UDP anything goes
http://en.wikipedia.org/wiki/UDP_hole_punching
I hadn't really thought about how Skype or bittorrent worked. I'd assumed a 3rd
machine was always involved, but exactly how I hadn't thought about. With
Bittorrent being UDP, I decided it was too complicated to think about. I hadn't
bothered to think about how Skype worked.
Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) austintek (dot) com - azimuthal equidistant
map generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
More information about the TriLUG
mailing list