News Hacker releases NAT traversal tool

http://www.bit-tech.net/news/hardware/2010/04/05/hacker-releases-nat-traversal-tool/1

 

Ohhh... interesting...

 

Oh hey, it's just what Skype does but in Malicious form.

 

That's a bit worrying :-(

 

i'm surprised he hasn't been hired yet...

 

Uplink is here!

 

There's a truckload of possible legitimate uses for this but the fear of malicious apps will never go away. At least the fact that the code is fully available means that security software could possibly be developed to detect this on the PC itself.

 

And, just as Pirate Bay and IsoHunt are shutting down, the p2p darknet has given birth.

 

So it's like hamachi but not made by logmein. Hmmn.
I think I'll have a read through the source code.

 

" it's something that will give those who rely on NAT 'firewalls' for protection pause for thought "

No it won't, even the stupidest, inexperienced admin knows that port blocking will only stop casual users from using a particular service. To anyone with half a brain and access to google, port blocking is just like moving a door 5 meters to the left, just as easy to walk through.

 

I must be missing something here. If my firewall is instructed to drop all incoming IP packets (regardless of protocol) that don't pertain to an already established connection, just how does this make my firewall insecure?

 

@psytek

 

damn tab button, lets have another go at that shall we?

@psytec

very true.

that is all.

 

Loren ipsum

 

That guys quite a programmer, shame he didn't bring myspace down.

 

No it's not worrying. It's a tunnel! You might as well call VPN, SSH etc "worrying".
As "saspro" mentions above "it's like hamahachi".

It does NOT mean that anyone can bypass your NAT and reach all machines on the LAN. The tool needs to be running on both sides of the NAT for that to be possible.

...meh

Oh and if you rely on port-blocking for security on outgoing traffic then you're only asking for it anyways.

 

How come? Can you explain please? If this tool will be used for p2p public trackers, others (ie law enforcers) won't see your IP? How will you remain hidden?

 

as OleJ has mentioned, isnt it just a tunnel?

 

"transmitted without the owner's knowledge"

The security risk in this situation comes from a network user doing things they shouldn't - be it connecting to malicious remote sites or acting maliciously themselves - and is thus nothing new. It would let people upload stolen data to their own computer at home, rather than a 3rd-party FTP site, which actually makes it far easier to prove it was them what done it, off'sah.

Move along, nothing new to see here.

Besides, any sysadmin with half a brain knows how to configure a real firewall.

1 - Block everything in both directions.
2 - Add exceptions for valid traffic.
3 - User's machine do *nothing* external directly - it's by proxy or not at all.

 

This tool is legitimate, and I thank Samy for his research (bloody well done)

Yes, this is like what Skype does, except it does it without a central server (Skype's servers act as a rendezvous point) making this method much more useful for use in peer-to-peer applications.

There is no need for Administrators to be concerned by this - NAT is *not* a method for locking-down a network. There is some inherent security in placing clients behind a NAT, and that hasn't been circumvented by this tool.