• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux NetFilter NAT Information Leakage Vulnerability

The Linux Kernel is the core of all Linux operating systems. It is developed and maintained by public domain.

It is possible for a remote user to discover ports on a firewall that are mapped to systems behind the firewall via NAT. By sending a TCP packet to a port on a system with a TTL less than the total amount of hops to the firewall, when the packet is routed to the host via NAT, a ICMP TTL Expired response will be generated. This response, generated by the host at the end of the NAT rule, will not be translated by the NAT system.