On Mon, 21 Jan 2002, R P G wrote:
> I was wondering if anyone knows of a method to test a NAT system for
> address space leakage.
>
> Thanks.
>
> --Bob
>
The easiest way to do this is try a zone transfer (host -l abc.com). If
the DNS servers are not set up correctly, you have a good shot at having a
list of the internal machines. Also, sometimes if you traceroute to a
machine, you will get the internal IP of the gateway, which might be of
use. SNMP might also be good to you and give you a few internal IP's, but
there is a very good chance that the firewall will block SNMP, but you
might get lucky.
I havn't heard of any specific tools to tast for leaks, and from what I
have seen in the past, the best method is to query the various network
servers which are known to give away network information.
-- Jamie
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
