NAT Denial of Service: An Analysis of Translation Table Behavior on Multiple Platforms

Network Address Translation or NAT, is a technology that is used to translate internal addresses to globally routable addresses on the internet. NAT continues to be used extensively in almost every network due to the current lack of IPv4 addresses. Despite being exceptionally commonplace, this networking technique is not without its weaknesses, and can be disabled with a fairly straightforward attack. By overpopulating the translation table, the primary mechanism used to translate the internal to external addresses, an attacker can effectively deny all internal users access to the external network. This paper takes an in-depth look at how five different vendors: Cisco, Extreme, Linksys, VMWare, and Vyatta, implement the translation table during active NAT sessions and how they are affected by TCP, UDP, and ICMP variations of the DOS attack

IPv6 Network Address Translation

Tato práce se zabývá překladem síťových adres Internetového protokolu verze 6. Cílem práce je využít překlad při automatické konfiguraci koncových zařízení. V práci jsou diskutovány stávající mechanismy určené k dynamické konfiguraci zařízení, a jejich výhody a nevýhody. Je zde navržen a implementován systém pro připojení domácí počítačové sítě k síti Internet, kombinující technologie Network Prefix Translation a Neighbor Discovery Proxy.This thesis deals with the translation of network addresses in the Internet protocol version 6. The aim is to use translation in the automatic configuration of end devices. In this work are discussed existing mechanisms for the dynamic configuration, and their advantages and disadvantages. There is designed and implemented system for connecting home computer network to the Internet, which combines Network Prefix Translation and Neighbor Discovery Proxy technologies.

NAT denial of service: An Analysis of translation table behavior on multiple platforms

Network Address Translation or NAT, is a technology that is used to translate internal addresses to globally routable addresses on the internet. It is used extensively in almost every network requiring global connectivity due to the current lack of IPv4 addresses. The primary mechanism used to facilitate the translation of internal addresses to external addresses and vice versa is the translation table. This study takes an in-depth look at how five different vendors: Cisco, Extreme, Linksys, VMWare, and Vyatta, implement the translation table during active NAT sessions. Additionally, this study analyzes the methodology required to fill a translation table and the Denial of Service that is a result of the attack. We consider the relative difficulty of accomplishing this task between the different platforms and protocols (TCP vs UDP vs ICMP). We conclude this study with steps that can be taken to prevent or mitigate the NAT DOS attack