[svlug] NAT from the outside
Ivan Sergio Borgonovo
mail at gorilla.it
Mon Jun 11 02:13:01 PDT 2001
Il 10:34, lunedì 11 giugno 2001, Seth David Schoen scrisse:
> Ivan Sergio Borgonovo writes:
> > Is there any means to see if a gateway using NAT is hiding a LAN?
> Not in general.
- there is no simple method to know
- there are some services that could put you in trouble
- there is no simple method to know if you avoid to use some services
which of the above?
what if I change "simple" with "automatic"?
> > Are there any "exotic" services that could require partial
> > unhiding or configuration nightmares if I want the service
> > running but _also_ if I want to hide that it is serviced by an
> > internal machine?
> They're not very exotic -- FTP can be one such.
FTP server side... right? Client should works as if it was run frm
Does the problem reside just in dynamic ports?
Where can I find a list of services/ports so I could know if I'll
ever need such things?
> Many services are now designed so that you can use them over an
> arbitrary single 8-bit clean connection, which helps if you want to
> do some kind of port redirection or tunnel. This is a strong trend
> for many reasons, including the rise of firewalls and NAT.
Since it seems you know exactly what the problem is, if you can give
me a pointer to understand it better I'll stop to bother.
Part about "arbitrary single 8-bit clean connection" is not clear.
avid reader of /usr/src/linux/Documentation/
More information about the svlug