Vulnerability in Netfilter NAT

I had no idea, but while reading SecurityFocus I came across
this vulnerability; in fact it is nothing out of this world either.

Anyway, here is a description of the bug:

It is possible for a remote user to discover ports on a firewall that are
mapped to systems behind the firewall via NAT. By sending a TCP packet to a
port on a system with a TTL less than the total amount of hops to the firewall,
when the packet is routed to the host via NAT, an ICMP TTL Expired response will
be generated. This response, generated by the host at the end of the NAT rule,
will not be translated by the NAT system.

In fact there is no fix yet, but Red Hat proposes this
workaround:

iptables -A OUTPUT -m state -p icmp --state INVALID -j DROP
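
To check whether the leak described in the advisory is visible on a given firewall, the following added example (not from the original post or from Netfilter) parses ICMP Time Exceeded packets captured on the external side and reports any internal address they expose, in the outer source or in the embedded original header. It assumes internal hosts use RFC 1918 addresses; the helper names and sample packets are constructed for this example.

```python
import ipaddress
import struct

ICMP_PROTO, TCP_PROTO, ICMP_TIME_EXCEEDED = 1, 6, 11
# Assumption of this example: hosts behind the NAT use RFC 1918 space.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internal(addr):
    return any(addr in net for net in RFC1918)

def build_ipv4(src, dst, proto, payload, ttl=64):
    """Constructed sample data: minimal IPv4 header (checksum left zero) plus payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr + payload

def time_exceeded(outer_src, outer_dst, inner_src, inner_dst):
    """Constructed ICMP type 11 packet quoting the original header plus 8 bytes."""
    inner = build_ipv4(inner_src, inner_dst, TCP_PROTO, b"\x00" * 8, ttl=1)
    icmp = struct.pack("!BBHI", ICMP_TIME_EXCEEDED, 0, 0, 0) + inner
    return build_ipv4(outer_src, outer_dst, ICMP_PROTO, icmp)

def parse_ipv4(buf):
    """Return (src, dst, proto, payload); raise ValueError on a malformed header."""
    if len(buf) < 20 or buf[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (buf[0] & 0x0F) * 4
    if ihl < 20 or len(buf) < ihl:
        raise ValueError("bad header length")
    return (ipaddress.IPv4Address(buf[12:16]), ipaddress.IPv4Address(buf[16:20]),
            buf[9], buf[ihl:])

def leaked_internal_addresses(packet):
    """Internal addresses exposed by an ICMP Time Exceeded packet seen outside the NAT."""
    src, _dst, proto, payload = parse_ipv4(packet)
    if proto != ICMP_PROTO or len(payload) < 8 or payload[0] != ICMP_TIME_EXCEEDED:
        return set()
    leaks = {str(src)} if is_internal(src) else set()
    try:
        # The quoted original packet starts after the 8-byte ICMP header.
        _isrc, inner_dst, _proto, _rest = parse_ipv4(payload[8:])
    except ValueError:
        return leaks  # truncated quote: report only what the outer header shows
    if is_internal(inner_dst):
        leaks.add(str(inner_dst))
    return leaks
```

An empty set for every Time Exceeded packet seen on the external interface means no internal address is being exposed this way.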

Well, this just shows that nothing is perfect…