From 4dc9d5df69d36b5528f88efdd12da5025d3e9ed4 Mon Sep 17 00:00:00 2001 From: w3w3w3 <44022617+ncorbuk@users.noreply.github.com> Date: Sun, 31 Jan 2021 20:01:03 +0000 Subject: [PATCH 1/3] Update README.md MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updated / Re-wrote the NAT explanation to use NAPT (Network Address Port Translation). Also added in DHCP as that is what creates the local network and gives devices local IP addresses, I think the way it was worded before "It does this by creating a local network, providing local IP addresses to all machines that connect" was wrong which is why i put in this pull request. P.s im a big fan of your work 👍 --- README.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index cf37bec..1c72c46 100644 --- a/README.md +++ b/README.md @@ -97,11 +97,9 @@ This attack requires the NAT/firewall to support ALG (Application Level Gateways # The Deets -## Network Address Translation (NAT) +## Network Address Port Translation (NAPT) -We use NATs (Network Address Translation) for several reasons. The most useful feature of NAT is that it allows a single public IP address to be shared among multiple systems. It does this by creating a local network, providing local IP addresses to all machines that connect, and when one of those systems reaches out to the Internet, it rewrites packets going out to use the public IP so responses come back to the NAT, and vice versa, rewriting destination IP to specific client's IP. - -It's the responsibility of the NAT to differentiate connections to the same addresses/ports (google.com:443) from internal hosts as ultimately their outbound port, destination ip and source ip will all be the same. If two different internal peers attempt to connect from the same source port, modern NATs will alter one of the source ports (some networks do this to all TCP/UDP source ports). +We use NAPT (Netowrk Adress Port Translation) for several reasons. The most useful feature of NAT is that it allows a single public IP address to be shared among multiple systems. It does this by translating local/private ip addresses which are created by DHCP (Dynamic Host Configuration Protocol) for each device when a device joins the local network. When one of those systems reaches out to the Internet, it adds an entry to the NAPT table and it rewrites packets going out to use the public IP so responses come back to the NAT, and vice versa, rewriting destination IP to specific client's IP. It's the responsibility of the PNAT to differentiate connections to the same addresses/ports (google.com:443) from internal hosts as ultimately their outbound port, destination ip and source ip will all be the same. If two different internal peers attempt to connect from the same source port, modern NATs will alter one of the source ports (some networks do this to all TCP/UDP source ports). ![NAT](img/lan.png) From 1ea8ff0b2c8a42b6dbf70f1a429c6bf0ef1e04d9 Mon Sep 17 00:00:00 2001 From: w3w3w3 <44022617+ncorbuk@users.noreply.github.com> Date: Sun, 31 Jan 2021 20:12:43 +0000 Subject: [PATCH 2/3] Update README.md changed NAT to NAPT --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 1c72c46..a71f14f 100644 --- a/README.md +++ b/README.md @@ -99,7 +99,9 @@ This attack requires the NAT/firewall to support ALG (Application Level Gateways ## Network Address Port Translation (NAPT) -We use NAPT (Netowrk Adress Port Translation) for several reasons. The most useful feature of NAT is that it allows a single public IP address to be shared among multiple systems. It does this by translating local/private ip addresses which are created by DHCP (Dynamic Host Configuration Protocol) for each device when a device joins the local network. When one of those systems reaches out to the Internet, it adds an entry to the NAPT table and it rewrites packets going out to use the public IP so responses come back to the NAT, and vice versa, rewriting destination IP to specific client's IP. It's the responsibility of the PNAT to differentiate connections to the same addresses/ports (google.com:443) from internal hosts as ultimately their outbound port, destination ip and source ip will all be the same. If two different internal peers attempt to connect from the same source port, modern NATs will alter one of the source ports (some networks do this to all TCP/UDP source ports). +We use NAPT (Netowrk Adress Port Translation) for several reasons. The most useful feature of NAPT is that it allows a single public IP address to be shared among multiple systems. It does this by translating local/private ip addresses which are created by DHCP (Dynamic Host Configuration Protocol) for each device when a device joins the local network. When one of those systems reaches out to the Internet, it adds an entry to the NAPT table and it rewrites packets going out to use the public IP so responses come back to the NAPT, and vice versa, rewriting destination IP to specific client's IP. + +It's the responsibility of the PNAT to differentiate connections to the same addresses/ports (google.com:443) from internal hosts as ultimately their outbound port, destination ip and source ip will all be the same. If two different internal peers attempt to connect from the same source port, modern NAPTs will alter one of the source ports (some networks do this to all TCP/UDP source ports). ![NAT](img/lan.png) From 9c45d1bd29883ffb8517ec33af357e49b517ec11 Mon Sep 17 00:00:00 2001 From: w3w3w3 <44022617+ncorbuk@users.noreply.github.com> Date: Sun, 31 Jan 2021 20:15:28 +0000 Subject: [PATCH 3/3] Update README.md typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a71f14f..7dc313c 100644 --- a/README.md +++ b/README.md @@ -101,7 +101,7 @@ This attack requires the NAT/firewall to support ALG (Application Level Gateways We use NAPT (Netowrk Adress Port Translation) for several reasons. The most useful feature of NAPT is that it allows a single public IP address to be shared among multiple systems. It does this by translating local/private ip addresses which are created by DHCP (Dynamic Host Configuration Protocol) for each device when a device joins the local network. When one of those systems reaches out to the Internet, it adds an entry to the NAPT table and it rewrites packets going out to use the public IP so responses come back to the NAPT, and vice versa, rewriting destination IP to specific client's IP. -It's the responsibility of the PNAT to differentiate connections to the same addresses/ports (google.com:443) from internal hosts as ultimately their outbound port, destination ip and source ip will all be the same. If two different internal peers attempt to connect from the same source port, modern NAPTs will alter one of the source ports (some networks do this to all TCP/UDP source ports). +It's the responsibility of the NAPT to differentiate connections to the same addresses/ports (google.com:443) from internal hosts as ultimately their outbound port, destination ip and source ip will all be the same. If two different internal peers attempt to connect from the same source port, modern NAPTs will alter one of the source ports (some networks do this to all TCP/UDP source ports). ![NAT](img/lan.png)