
> arbitrary tcp and udp packets

... except these arbitrary tcp/udp packets will be in IP fragments and therefore invalid.

The whole thing hinges on the NAT code NOT reassembling IP packets before passing them to ALG and the ALG also not observing IP fragmentation. These are bugs, and pretty severe at that, so the mitigation is just to patch the code.
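The condition the comment above describes, as an added example that is not part of the original thread and not taken from any real NAT implementation: a gate that refuses to hand an unreassembled IPv4 fragment to a payload-parsing ALG. The name `alg_gate`, the verdict enum and the sample packets are hypothetical and constructed for illustration; the IP checksum is not validated.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IP_MF      0x2000u /* "more fragments" flag */
#define IP_OFFMASK 0x1fffu /* fragment offset, in 8-byte units */

enum alg_verdict { ALG_INSPECT, ALG_SKIP_FRAGMENT, ALG_SKIP_MALFORMED };

/* Decide whether a raw IPv4 packet may be passed to an ALG that parses
 * the transport payload. Anything that is still a fragment is refused:
 * it has to go through reassembly first. */
enum alg_verdict alg_gate(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return ALG_SKIP_MALFORMED;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    if (ihl < 20 || ihl > len)
        return ALG_SKIP_MALFORMED;
    /* Bytes 6-7: 3 flag bits followed by the 13-bit fragment offset. */
    uint16_t frag = (uint16_t)((pkt[6] << 8) | pkt[7]);
    if (frag & (IP_MF | IP_OFFMASK))
        return ALG_SKIP_FRAGMENT; /* first, middle or last fragment */
    return ALG_INSPECT;
}

/* Constructed sample packets (documentation addresses, checksum zeroed). */
#define HDR(f_hi, f_lo) 0x45,0x00,0x00,0x1c, 0x12,0x34,(f_hi),(f_lo), \
    0x40,0x11,0x00,0x00, 192,0,2,10, 198,51,100,20
static const uint8_t SAMPLE_WHOLE[] =      /* DF set, not fragmented */
    { HDR(0x40,0x00), 0xc0,0x00,0xc0,0x01,0x00,0x08,0x00,0x00 };
static const uint8_t SAMPLE_FIRST_FRAG[] = /* MF set, offset 0 */
    { HDR(0x20,0x00), 0xc0,0x00,0xc0,0x01,0x00,0x08,0x00,0x00 };
static const uint8_t SAMPLE_LATER_FRAG[] = /* offset 185 * 8 = 1480 */
    { HDR(0x00,0xb9), 'A','A','A','A','A','A','A','A' };
static const uint8_t SAMPLE_TRUNCATED[] = { 0x45,0x00,0x00,0x1c, 0x12,0x34 };

int main(void)
{
    static const char *names[] = { "inspect", "skip: fragment", "skip: malformed" };
    printf("whole:      %s\n", names[alg_gate(SAMPLE_WHOLE, sizeof SAMPLE_WHOLE)]);
    printf("first frag: %s\n", names[alg_gate(SAMPLE_FIRST_FRAG, sizeof SAMPLE_FIRST_FRAG)]);
    printf("later frag: %s\n", names[alg_gate(SAMPLE_LATER_FRAG, sizeof SAMPLE_LATER_FRAG)]);
    printf("truncated:  %s\n", names[alg_gate(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED)]);
    return 0;
}
```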



It only depends on IP fragmentation to forge UDP datagrams. It forges TCP segments by padding the previous segment.

But, as gnfargbl points out, the TCP case can be caught by looking at the sequence number, or perhaps some conntrack state.


Which won't happen in almost 100 percent of devices.



