blob: b6207101ee3f4170e7b8b8e20ef89ee95ebd1be2
Query
MUST be permitted unless explicitly overridden by local policy (REQ-1)
Session MUST be remembered for at least 60s (REQ-2)
Error
MUST be traversed unless IP/ICMP checksum validation fails (REQ-3)
Packets SHOULD only be allowed to travel between realms when belonging to an
existing session (REQ-4, REQ-5)
NAT sessions MUST NOT be refreshed based on an error message.
Non-QueryError
MAY be dropped or appropriately handled (REQ-11)
DoS
The NAT device helps prevent DoS attacks that flood it with ICMP error
messages by blocking any error message that is not linked to an existing
session. If the device did not do that, it could be abused for something like
DNS amplification.
Destroying sessions
An attacker may attempt to send bogus error messages into the NAT network
in order to destroy the current sessions. To prevent this, the NAT device
won't delete or refresh a NAT session based on an error message.
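The error-handling rules above (checksum check, session lookup, and never refreshing or deleting on an error) modelled in Python as an added example; this is not code from the original notes. The session table keyed on the embedded packet's 5-tuple, the class and function names, and the constructed ICMP port-unreachable messages are all assumptions made for the example.

```python
import struct

def icmp_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum; returns 0 when the embedded checksum field validates."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp_error(src, dst, sport, dport, corrupt=False) -> bytes:
    # Constructed sample: ICMP port-unreachable wrapping an IPv4 header + 8 bytes of UDP
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0, src, dst)
    inner += struct.pack("!HHHH", sport, dport, 8, 0)
    msg = bytearray(struct.pack("!BBHI", 3, 3, 0, 0) + inner)
    struct.pack_into("!H", msg, 2, icmp_checksum(bytes(msg)))
    if corrupt:
        msg[2] ^= 0x01  # damage the checksum so REQ-3 validation fails
    return bytes(msg)

class IcmpAwareNat:
    QUERY_TIMEOUT = 60  # REQ-2: remember a query session for at least 60 s
    def __init__(self):
        self.sessions = {}  # (proto, src, sport, dst, dport) -> last refresh time
    def note_query(self, key, now):
        self.sessions[key] = now  # queries (REQ-1) create and refresh sessions
    def session_alive(self, key, now):
        return key in self.sessions and now - self.sessions[key] <= self.QUERY_TIMEOUT
    def handle_error(self, icmp: bytes) -> str:
        if icmp_checksum(icmp) != 0:
            return "drop: bad checksum"  # REQ-3
        inner = icmp[8:]  # embedded original IP header plus first 8 bytes of its payload
        if len(inner) < 28:
            return "drop: truncated"
        ihl = (inner[0] & 0x0F) * 4
        sport, dport = struct.unpack("!HH", inner[ihl:ihl + 4])
        key = (inner[9], inner[12:16], sport, inner[16:20], dport)
        if key not in self.sessions:
            return "drop: no session"  # REQ-4/5; also what blunts floods of unsolicited errors
        return "forward"  # no refresh or delete here: a forged error cannot tear the session down

def run_scenario():
    nat, priv, ext = IcmpAwareNat(), bytes([10, 0, 0, 5]), bytes([203, 0, 113, 7])
    key = (17, priv, 40000, ext, 53)
    nat.note_query(key, 100.0)
    results = [nat.handle_error(build_icmp_error(priv, ext, 40000, 53)),
               nat.handle_error(build_icmp_error(priv, ext, 40000, 53, corrupt=True)),
               nat.handle_error(build_icmp_error(priv, ext, 40001, 53))]
    return results, nat.sessions[key], nat.session_alive(key, 150.0), nat.session_alive(key, 170.0)
```

The scenario forwards the error that matches the recorded session, drops the corrupted and the unsolicited ones, and leaves the session's refresh time untouched so it still expires on the query timer.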