bit-tech.net

CardJoe · 5th Apr 2010, 07:13

http://www.bit-tech.net/news/hardwar...aversal-tool/1

proxess · 5th Apr 2010, 09:40

Ohhh... interesting...

Tulatin · 5th Apr 2010, 10:05

Oh hey, it's just what Skype does but in Malicious form.

eddtox · 5th Apr 2010, 11:58

That's a bit worrying :-(

mjm25 · 5th Apr 2010, 12:32

i'm surprised he hasn't been hired yet...

Veles · 5th Apr 2010, 12:33

Uplink is here!

War-Rasta · 5th Apr 2010, 13:20

There's a truckload of possible legitimate uses for this but the fear of malicious apps will never go away. At least the fact that the code is fully available means that security software could possibly be developed to detect this on the PC itself.

amacieli · 5th Apr 2010, 16:05

And, just as Pirate Bay and IsoHunt are shutting down, the p2p darknet has given birth.

saspro · 5th Apr 2010, 16:39

So it's like hamachi but not made by logmein. Hmmn.
I think I'll have a read through the source code.

Psytek · 5th Apr 2010, 17:31

" it's something that will give those who rely on NAT 'firewalls' for protection pause for thought "

No it won't, even the stupidest, inexperienced admin knows that port blocking will only stop casual users from using a particular service. To anyone with half a brain and access to google, port blocking is just like moving a door 5 meters to the left, just as easy to walk through.

Shagbag · 5th Apr 2010, 19:04

I must be missing something here. If my firewall is instructed to drop all incoming IP packets (regardless of protocol) that don't pertain to an already established connection, just how does this make my firewall insecure?

LucusLoC · 5th Apr 2010, 19:07

@psytek

LucusLoC · 5th Apr 2010, 19:08

damn tab button, lets have another go at that shall we?

@psytec

very true.

that is all.

Shagbag · 5th Apr 2010, 19:35

Loren ipsum

MarkW7 · 5th Apr 2010, 19:42

That guys quite a programmer, shame he didn't bring myspace down.

OleJ · 5th Apr 2010, 22:42

No it's not worrying. It's a tunnel! You might as well call VPN, SSH etc "worrying".
As "saspro" mentions above "it's like hamahachi".

It does NOT mean that anyone can bypass your NAT and reach all machines on the LAN. The tool needs to be running on both sides of the NAT for that to be possible.

...meh

Oh and if you rely on port-blocking for security on outgoing traffic then you're only asking for it anyways.

Dead Ghost · 6th Apr 2010, 00:31

Quote:

Originally Posted by amacieli

And, just as Pirate Bay and IsoHunt are shutting down, the p2p darknet has given birth.

How come? Can you explain please? If this tool will be used for p2p public trackers, others (ie law enforcers) won't see your IP? How will you remain hidden?

dyzophoria · 6th Apr 2010, 09:49

as OleJ has mentioned, isnt it just a tunnel?

StoneyMahoney · 6th Apr 2010, 10:17

"transmitted without the owner's knowledge"

The security risk in this situation comes from a network user doing things they shouldn't - be it connecting to malicious remote sites or acting maliciously themselves - and is thus nothing new. It would let people upload stolen data to their own computer at home, rather than a 3rd-party FTP site, which actually makes it far easier to prove it was them what done it, off'sah.

Move along, nothing new to see here.

Besides, any sysadmin with half a brain knows how to configure a real firewall.

1 - Block everything in both directions.
2 - Add exceptions for valid traffic.
3 - User's machine do *nothing* external directly - it's by proxy or not at all.

ViceVirtue · 6th Apr 2010, 13:49

This tool is legitimate, and I thank Samy for his research (bloody well done)

Yes, this is like what Skype does, except it does it without a central server (Skype's servers act as a rendezvous point) making this method much more useful for use in peer-to-peer applications.

There is no need for Administrators to be concerned by this - NAT is *not* a method for locking-down a network. There is some inherent security in placing clients behind a NAT, and that hasn't been circumvented by this tool.

5th Apr 2010, 07:13	#1
CardJoe Freelance Journalist bit-tech Staff Join Date: Apr 2007 Posts: 11,334	Hacker releases NAT traversal tool http://www.bit-tech.net/news/hardwar...aversal-tool/1 __________________ ... The Unlimited Hyperbole Podcast @joethreepwood on Twitter

5th Apr 2010, 09:40	#2
proxess Hypermodder Join Date: Nov 2006 Location: The town of Love, Funchal Posts: 945	Ohhh... interesting... __________________ Laptop: i3 330M 2.13GHz; 2x 4GB 1066MHz; Radeon 5650 1GB @ 675/1020MHz; Crucial M4 256GB SSD; Ubuntu 12.04 x64 and Windows 7 x64. Ubuntu #8076 / Linux #429448

5th Apr 2010, 11:58	#4
eddtox Homo Interneticus Join Date: Jan 2006 Location: Maidstone, Kent Posts: 1,296	That's a bit worrying :-( __________________ Check out my big clearout sale - Now with added Kindle

5th Apr 2010, 12:32	#5
mjm25 Supermodder Join Date: Jan 2009 Location: Kent, England Posts: 507	i'm surprised he hasn't been hired yet... __________________ EP45-UD3R, QX6800, 8GB Ballistix 6400 4-4-4-12, Radeon 6990, All in an Arc!

5th Apr 2010, 13:20	#7
War-Rasta Supermodder Join Date: May 2002 Location: Santo Domingo, Dom. Rep. Posts: 394	There's a truckload of possible legitimate uses for this but the fear of malicious apps will never go away. At least the fact that the code is fully available means that security software could possibly be developed to detect this on the PC itself. __________________ Proud member of WarNet Inc. WarNet Rulez!!

bit-tech.net

Site Links

Our Other Sites

5th Apr 2010, 10:05	#3
Tulatin The Froggy Poster Join Date: Oct 2003 Location: Canada Posts: 3,148	Oh hey, it's just what Skype does but in Malicious form.

5th Apr 2010, 16:05	#8
amacieli Multimodder Join Date: Feb 2008 Posts: 93	And, just as Pirate Bay and IsoHunt are shutting down, the p2p darknet has given birth.

5th Apr 2010, 16:39	#9
saspro Infrastructure Specialist Join Date: Apr 2009 Location: Kingston upon Thames Posts: 8,499	So it's like hamachi but not made by logmein. Hmmn. I think I'll have a read through the source code. __________________ If what I've said helps you please remember to hit the rep button on the left Missing the old meeting place? Find us here

5th Apr 2010, 17:31	#10
Psytek Multimodder Join Date: Dec 2008 Posts: 158	" it's something that will give those who rely on NAT 'firewalls' for protection pause for thought " No it won't, even the stupidest, inexperienced admin knows that port blocking will only stop casual users from using a particular service. To anyone with half a brain and access to google, port blocking is just like moving a door 5 meters to the left, just as easy to walk through.

5th Apr 2010, 19:04	#11
Shagbag All glory to the Hypnotoad! Join Date: Nov 2006 Location: /dev/null Posts: 320	I must be missing something here. If my firewall is instructed to drop all incoming IP packets (regardless of protocol) that don't pertain to an already established connection, just how does this make my firewall insecure? __________________ Worth thinking about: do Firefox exploits affect non-Windows users?

5th Apr 2010, 19:07	#12
LucusLoC Multimodder Join Date: Nov 2006 Posts: 91	@psytek

5th Apr 2010, 19:08	#13
LucusLoC Multimodder Join Date: Nov 2006 Posts: 91	damn tab button, lets have another go at that shall we? @psytec very true. that is all.

5th Apr 2010, 19:35	#14
Shagbag All glory to the Hypnotoad! Join Date: Nov 2006 Location: /dev/null Posts: 320	Loren ipsum __________________ Worth thinking about: do Firefox exploits affect non-Windows users?

5th Apr 2010, 19:42	#15
MarkW7 Total Noob Join Date: Nov 2008 Location: Manchester, UK Reputation: 443 Posts: 1,745	That guys quite a programmer, shame he didn't bring myspace down. __________________ www.mcompute.co.uk

5th Apr 2010, 22:42	#16
OleJ Me! Join Date: Jul 2007 Location: Copenhagen, Denmark Posts: 2,024	No it's not worrying. It's a tunnel! You might as well call VPN, SSH etc "worrying". As "saspro" mentions above "it's like hamahachi". It does NOT mean that anyone can bypass your NAT and reach all machines on the LAN. The tool needs to be running on both sides of the NAT for that to be possible. ...meh Oh and if you rely on port-blocking for security on outgoing traffic then you're only asking for it anyways. __________________ Quickr! Clickr to my Flickr! Canon camera stuff. Some aluminium PC, a Mac Mini and a last-gen MBP 17"..

6th Apr 2010, 09:49	#18
dyzophoria Supermodder Join Date: May 2004 Location: Home Posts: 306	as OleJ has mentioned, isnt it just a tunnel? __________________ [FONT=Lucida Console]picture this..[/FONT] // [FONT=Tahoma][FONT=Fixedsys]picture that..[/FONT][/FONT]

6th Apr 2010, 10:17	#19
StoneyMahoney Multimodder Join Date: Jul 2009 Location: Stanford-Le-Hope, Essex Posts: 219	"transmitted without the owner's knowledge" The security risk in this situation comes from a network user doing things they shouldn't - be it connecting to malicious remote sites or acting maliciously themselves - and is thus nothing new. It would let people upload stolen data to their own computer at home, rather than a 3rd-party FTP site, which actually makes it far easier to prove it was them what done it, off'sah. Move along, nothing new to see here. Besides, any sysadmin with half a brain knows how to configure a real firewall. 1 - Block everything in both directions. 2 - Add exceptions for valid traffic. 3 - User's machine do nothing external directly - it's by proxy or not at all.

6th Apr 2010, 13:49	#20
ViceVirtue What's a Dremel? Join Date: Jun 2005 Location: Australia Posts: 4	This tool is legitimate, and I thank Samy for his research (bloody well done) Yes, this is like what Skype does, except it does it without a central server (Skype's servers act as a rendezvous point) making this method much more useful for use in peer-to-peer applications. There is no need for Administrators to be concerned by this - NAT is not a method for locking-down a network. There is some inherent security in placing clients behind a NAT, and that hasn't been circumvented by this tool.