Presentation is loading. Please wait.

Presentation is loading. Please wait.

NAT Network Address Translation Presented by Snoopers Eduardo Segura Shenal Shroff Shinichi Nishiyama Suyou He Thu Nguyen.

Published byElissa Hammer Modified over 9 years ago

Similar presentations

Presentation on theme: "NAT Network Address Translation Presented by Snoopers Eduardo Segura Shenal Shroff Shinichi Nishiyama Suyou He Thu Nguyen."— Presentation transcript:

1 NAT Network Address Translation Presented by Snoopers Eduardo Segura Shenal Shroff Shinichi Nishiyama Suyou He Thu Nguyen

2 Agenda Why NAT? Solution How does it work? Types Possible attacks NAT Pros and Cons Conclusion

3 Why NAT? Early ’90s: Signs of IPv4 addresses depleting “The two most compelling problems facing the IP Internet are IP address depletion and scaling in routing. (…) The address reuse solution is to place Network Address Translators (NAT) at the borders of stub domains.” K. Egevang, P. Francis RFC 1631: The IP Network Address Translator May, 1994

4 Solution A mapping: many-to-one Many internal addresses -> one external

5 How does NAT work? NAT is used to map IP addresses between non-routable private and public addresses. It allows registered public IP addresses to be shared by several hosts on private network.

6 How does NAT work? - Outgoing Internal host sends packet NAT box stores:  Source IP  Source port  Destination IP  Destination port Then modifies addresses in packet And sends it

7 How does NAT work? – Incoming External host sends packet NAT box searches stored info The search uses source IP : source port Modifies destination addresses in packet Sends it to internal host

8 NAT types: Mapping configuration -1 Static NAT: One-to- one mapping between internal and external addresses Dynamic NAT: Mapping internal to external from group of external addresses

9 NAT types: Mapping configuration –2 Overloading NAT: Mapping multiple internal addresses to single external address with different port #s (known also as PAT). Overlapping NAT: Same range of addresses are used in two different networks.

10 NAT Types - 2 Behaviors with respect to UDP-based bindings  Symmetric  Full-cone  Restricted-cone  Port-restricted-cone The difference lies in how they process responses from external hosts Today, NAT boxes use a mix, dynamically switching between types

11 “Security” features NAT hides internal addresses from Internet But it was NOT designed for security Any security is just a side-effect:  If packet’s source address not in table { drop it; } And this depends on the type of NAT!  Ex: “Full cone NAT” allows external packets to go right through, if configured.

12 Possible attacks to NAT Assume no non-related attacks:  No user-initiated malware  No buffer overflows or other hacks Then it is possible to use:  Source spoofing  Host counting  Passive fingerprinting  Internal network mapping

13 Attack to NAT: Source Spoofing An attacker can “inject” packets into the network To do this, he uses a fake source IP address Sometimes, all you need is one packet! SQL slammer fits in one UDP packet As long as the source address is in the NAT’s table, it’ll get through

14 Attack to NAT: Host Counting Uses IP header “id” field Most implementations just put a counter NAT boxes don’t change it Study gaps in these numbers to determine # of hosts

15 Attack to NAT: Fingerprinting Every TCP/IP implementation is different Many issues are left open in RFCs Hence, every TCP/IP stack is unique Different values for: TTL, SEQ, flags, etc. By carefully studying these differences, it is possible to identify the OS!

16 Attack to NAT: Network Mapping Technique uses “ICMP TTL Exceeded” messages Attacker injects packets with low TTL values Internal routers generate TTL exceeded replies Attacker uses these messages to carefully map the internal network!

17 NAT pros and cons NAT provides a short-term solution to the shortage of IPv4 addresses But it is NOT a firewall. Clever attackers can obtain information anyway In addition, it breaks other protocols -IP addr. info in payload -Incompatibility between IPsec AH and NAT Can become a management nightmare Hides source of attack, if internal

18 Conclusion Dynamic NAT is natural firewall between private network and public networks/Internet. NAT is not a firewall. NAT is for reusing IP addresses. Hosts in private network can share limited public IP addresses. NAT breaks end-to-end connectivity model. Solution: ALG NAT is not secure. NAT will leak information

19 References Jeff Tyson, How Network Address Translation Works http://computer.howstuffworks.com/nat.htm http://computer.howstuffworks.com/nat.htm RFC 1631 - The IP Network Address Translator (NAT) http://www.rfc-editor.org/rfc/rfc1631.txt http://www.rfc-editor.org/rfc/rfc1631.txt RFC1918 - Address Allocation for Private Internets http://www.rfc-editor.org/rfc/rfc1918.txt Lisa Phife, The Trouble with NAT http://www.cisco.com/warp/public/759/ipj_3-4/ipj_3-4_nat.html Geoff Huston, Anatomy: A Look Inside Network Address Translators http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_7 -3/anatomy.html http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_7 -3/anatomy.html RFC 3022 - Traditional IP Network Address Translator RFC 3489 - STUN - Simple Traversal of UDP Through NATs

20 And that’s it!

Download ppt "NAT Network Address Translation Presented by Snoopers Eduardo Segura Shenal Shroff Shinichi Nishiyama Suyou He Thu Nguyen."

Similar presentations

CST 415 - Computer Networks NAT CST 415 4/10/2017 CST 415 - Computer Networks.

CST Computer Networks NAT CST 415 4/10/2017 CST Computer Networks.
CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 W. Schulte Chapter 5: Network Address Translation for IPv4  Connecting.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 W. Schulte Chapter 5: Network Address Translation for IPv4  Connecting.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture15: Network Address Translation for IPv4 Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture15: Network Address Translation for IPv4 Connecting Networks.
CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 25 Introduction to Computer Networks.

CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 25 Introduction to Computer Networks.
CS 457 – Lecture 16 Global Internet - BGP Spring 2012.

CS 457 – Lecture 16 Global Internet - BGP Spring 2012.
CS 4700 / CS 5700 Network Fundamentals Lecture 15: NAT (You Better Forward Those Ports) Revised 3/9/2013.

CS 4700 / CS 5700 Network Fundamentals Lecture 15: NAT (You Better Forward Those Ports) Revised 3/9/2013.
STUN Date: 2011-05-25 Speaker: Hui-Hsiung Chung 1.

STUN Date: Speaker: Hui-Hsiung Chung 1.
SIP Traversal over NAT Problems and Solutions Mr. Ting-Yun Chi May 2,2006 (Taiwan,NICI IPv6 R&D Division)

SIP Traversal over NAT Problems and Solutions Mr. Ting-Yun Chi May 2,2006 (Taiwan,NICI IPv6 R&D Division)
Ch. 1 – Scaling IP Addresses NAT/PAT and DHCP CCNA 4 version 3.0 Rick Graziani Cabrillo College.

Ch. 1 – Scaling IP Addresses NAT/PAT and DHCP CCNA 4 version 3.0 Rick Graziani Cabrillo College.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Scaling the Network with NAT and PAT.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Scaling the Network with NAT and PAT.
NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.

NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.
Chapter 5 The Network Layer.

Chapter 5 The Network Layer.
1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.
NAT: Network Address Translation 10.0.0.1 10.0.0.2 10.0.0.3 10.0.0.4 138.76.29.7 local network (e.g., home network) 10.0.0/24 rest of Internet Datagrams.

NAT: Network Address Translation local network (e.g., home network) /24 rest of Internet Datagrams.
Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.

Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.
CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.

CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.
Sybex CCENT 100-101 Chapter 13: Network Address Translation Instructor & Todd Lammle.

Sybex CCENT Chapter 13: Network Address Translation Instructor & Todd Lammle.
Section 461.  ARP  Ghostbusters  Grew up in Lexington, KY  Enjoy stargazing, cycling, and mushroom hunting  Met Mario once (long time ago)

Section 461.  ARP  Ghostbusters  Grew up in Lexington, KY  Enjoy stargazing, cycling, and mushroom hunting  Met Mario once (long time ago)
Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

Similar presentations

Ads by Google