As far as I can tell, this approach would work just fine against my gnatbox under my current config. I don't have any outbound filters that block UDP traffic. Does anyone think this policy is worth reconsidering?
Good article. Thanks for the link. -----Original Message----- From: David Morris [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 25, 2007 3:57 PM To: GnatBox Users Group Subject: [gb-users] Skype (and similar) hole punching Like the mule, I got rapped up the side of the head with a 2x4 and the issue has my attention. This article has a good description of the basic approach. http://www.atomicmpc.com.au/article.asp?SCID=23&CIID=78074&p=1 One underlying assumption is that firewalls implement a fairly static mapping of outbound UDP ports to individual machines. My question then ... how much at risk are gnatbox protected networks to this technique for getting around a firewall? Dave Morris ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/ ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/
