[vox] "NAT Pinning"
nbs at sonic.net
Wed Jan 6 17:03:27 PST 2010
Huh, this sounds... interesting:
"Here is a proof of concept in what I'm calling NAT Pinning ("hacking
gibsons" was already taken). The idea is an attacker lures a victim to
a web page. The web page forces the user's router or firewall,
unbeknownst to them, to port forward any port number back to the
user's machine. If the user had FTP/ssh/etc open but it was blocked
from the router, it can now be forwarded for anyone to access (read:
attack) from the outside world. No XSS or CSRF required."
Sent from my computer
More information about the vox