Recipe to bust through NAT-for a good purpose.
Posted on 2003-11-19
For years I've been programming business apps, not hacking. I can get around a NT but am not super learned on all the network internals.
I'm working at a company where the boss thinks NAT will protect all the internal clients/servers. A DSL line, DSL modem, Linksys DSL router stand between the clients and the Internet. DHCP is enabled on the Linksys. Because he believes so much in NAT, we don't have passwords on any of the clients, and users often logon as administrator! I know, it's bad.
Without knowing anything about the network, besides the IP address of the cable modem, can someone provide a (simple?) recipe to get to a internal client (ex. 192.168.1.105), and leave evidence of the intrusion. I suspect several external hackers have done so already.
I don't want to do damage, but I want to PROVE that a half-way savy hacker can poke through his "security" model. Maybe then I can get him to see the wisdom of at least passwords.
The clients range from Win 98 to XP Pro. All flavors.
I've read many of the posts about security here. So there isn't a need to repeat NATs ability to protect--I'll just assume it doesn't and wait for the proof.