network programming - Is pwnat still working?


I need a solution for NAT traversal to transmit RDP data across the internet. I came across the following tool, and it's amazing: pwnat.

I have tried it on 2 different machines behind different routers, but I am unable to make it work as explained in the above link. Is pwnat still working, and if yes, what have I done wrong? Any help would be helpful to me.

Note: I am using Windows machines for testing and downloaded the Windows version from the following link:

http://www.sumitgupta.net/pwnat-windows-complied-version/

Any help, please.

No.
I assume you know how it works:

[image]

The server sends ICMP echo request packets to a fixed address (for example, 1.2.3.4) from which no echo replies will be returned. The client, pretending to be a hop on the Internet, sends an ICMP Time Exceeded packet to the server, and expects the NAT in front of the server to forward the ICMP Time Exceeded message to the server.

The picture above is from the homepage of pwnat. It's based on the premise that the client is not behind a NAT and that the original payload in the Time Exceeded message is typically not checked by NAT implementations. If both the client and the server are behind NAT like this,

    =========================================================================================
    | client  | <---> |  nat-c  | <---> { internet } <---> |  nat-s  | <---> | server |
    =========================================================================================

it rarely works nowadays, for the 2 reasons below:

  1. When the server sends ICMP echo request packets to the fixed address, according to RFC 3022, the identifier field in the ICMP echo request header is uniquely mapped to a query identifier of the registered IP address so that NAT-S can route future ICMP echo replies with the same query ID to the sender. So the ICMP header in ICMP query packets must be modified to replace the query ID and the ICMP header checksum. From the RFC 3022 "ICMP error packet modifications" section:

    In NAPT setup, if the IP message embedded within ICMP happens to be a TCP, UDP or ICMP Query packet, you will also need to modify the appropriate TU port number within the TCP/UDP header or the Query Identifier field in the ICMP Query header.

    But the client doesn't know the external query ID (the code in pwnat uses 0 as the identifier of the original request) when it sends the ICMP Time Exceeded packet to the server. Even if the packet can reach NAT-S in front of the server, NAT-S can't find an active mapping for the embedded packet, and most of the NAT implementations would drop it.

  2. Moreover, according to RFC 5508, when NAT-C receives the ICMP error packet from the private realm, NAT-C uses the packet embedded within the ICMP error message (i.e., the IP packet from the client to the server) to look up the NAT session the embedded packet belongs to. If NAT-C does not have an active mapping for the embedded packet, NAT-C should silently drop the ICMP error packet. This means the ICMP Time Exceeded packet from the client wouldn't arrive at NAT-S.

So pwnat works with basic NAT devices (as RFC 1631 describes) that do simple address translation, but it won't work with any NAPT device that has a robust NAPT implementation. And this paper mentions the problem.
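
The check the answer describes at NAT-S can be modelled in a few lines. This is an added example, not code from the answer or from pwnat; the class names, the private and public addresses (other than 1.2.3.4) and the starting query ID 40000 are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Echo:  # ICMP echo request, reduced to the fields a NAT inspects
    src: str
    dst: str
    ident: int

@dataclass(frozen=True)
class TimeExceeded:  # ICMP error that embeds the packet it refers to
    src: str
    dst: str
    embedded: Echo

class BasicNat:
    """One-to-one address translation (RFC 1631 style), no session table."""
    def __init__(self, public_ip, private_ip):
        self.public_ip, self.private_ip = public_ip, private_ip
    def outbound(self, pkt):
        return Echo(self.public_ip, pkt.dst, pkt.ident)  # identifier untouched
    def inbound_error(self, err):
        inner = Echo(self.private_ip, err.embedded.dst, err.embedded.ident)
        return TimeExceeded(err.src, self.private_ip, inner)

class Napt:
    """RFC 3022 query-ID mapping plus the RFC 5508 embedded-packet lookup."""
    def __init__(self, public_ip, first_id=40000):
        self.public_ip, self.next_id = public_ip, first_id
        self.sessions = {}  # (external query id, remote ip) -> (private ip, private id)
    def outbound(self, pkt):
        ext_id, self.next_id = self.next_id, self.next_id + 1
        self.sessions[(ext_id, pkt.dst)] = (pkt.src, pkt.ident)
        return Echo(self.public_ip, pkt.dst, ext_id)
    def inbound_error(self, err):
        inner = err.embedded
        session = self.sessions.get((inner.ident, inner.dst))
        if inner.src != self.public_ip or session is None:
            return None  # no active mapping for the embedded packet: drop
        priv_ip, priv_id = session
        return TimeExceeded(err.src, priv_ip, Echo(priv_ip, inner.dst, priv_id))

def server_receives(nat_s, embedded_ident=0):
    """Does a Time Exceeded whose embedded echo has embedded_ident reach the server?"""
    nat_s.outbound(Echo("192.168.1.10", "1.2.3.4", 0))  # server's periodic echo
    claimed = Echo(nat_s.public_ip, "1.2.3.4", embedded_ident)
    err = TimeExceeded("203.0.113.99", nat_s.public_ip, claimed)
    return nat_s.inbound_error(err) is not None
```

With the default identifier 0, `server_receives` is true for `BasicNat` and false for `Napt`; the NAPT forwards the error only when the embedded identifier equals the query ID it assigned, which is what an error generated by a real on-path router would carry.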

