Paper/Tutorial name: Basics of NAT and it's working ________________________________________________________
Paper/Tutorial name:Basics of NAT and it's working
Written by: mandi
For: Iexploit and hackforums
Difficulty: Easy to Intermediate ___________________________
1)Intro
2)Types of NAT and Basic working of NAT
3)Advantages and disadvantages of NAT
_________________________________________________
1)Intro
NAT-NAT stands for "Network Address Translation"
Here are some of the main reason STATES why NAT is being used
1)To act as an agent or provides Translation between the Internet (or "public network") and a local (or "private") network.
2)Hides internal Network Structure of the Intranet on the Internet.
3)Saves or reduces the use of IP-V4 Addressing on the Internet
4)Can be used to represent 1000's of Private IP's of a company/organization with a single IP on the Internet and using NAT is the main reason ,that is why we are still using ip-v4 address on the internet,Other-wise it would have been exhausted...
A NAT Network will look like this
http://www.ssimail.com/images/Sonicwall/Nat.gif
Also in most scenes, NAT is implemented on the Border-routers of a Network
1)Static NAT 2)Dynamic NAT 3)Port Address Translation (PAT) -----> (most common and popular one being used on the Internet)
Also You need to know about 4 NAT terms
1)Inside Local address---->Address of the source host before translation
2)Inside Global Address---->Address of the source host after Translation
3)Outside Local Address----->Address of the Destination host before translation
4)Outside Global Address---->Address of the Destination host After translation
NOTE:Here translation indicates conversion of Private IP in to public IP...
you need to know the above things ,when it comes to understanding complex NAT structure ,the above things will be handy for you to understand the complex things
Now i will explain Static NAT
Static NAT:
Static NAT Represents "set of Private IP Ads are maped directly to a Set of Public Address on a one-to-one basis."
In static NAT, the computer with the IP address of 192.168.32.10 will always translate to 213.18.123.110.
now take a look on the above diagram,In this diagram the private-Ip address 192.168.32.10 is translated in to 213.18.123.10
It is fixed or when-ever a connection is established from this private-ip i.e 192.168.32.10 it is Automatically translated or mapped in to a fixed public address i.e 213.18.123.10
Like this for every private ip address on the intranet is mapped in to a fixed public IP Address..
The biggest disadvantage of this type of Static NAT is It needs LOT OF unique public ip address to represent each host on the INTRANET
Dynamic NAT:
In Dynamic NAT "A set of Private IP Addresses are maped to a pool of Public addresses",This may look similar to Static NAT,But the Difference is instead of using one external address for translation, there are now several
In dynamic NAT, the computer with the IP address 192.168.32.10 will translate to the first available address in the range from 213.18.123.100 to 213.18.123.150.
when-ever a private-ip say for example 192.168.32.10 is establishing a request to the internet ,it is translated or mapped from a pool of available public address instead of one ,And Always the first address from the available pool(i.e public ip pool) is chosen
The Dis-advantage of Dynamic NAT is similar to Static NAT,this type of NAT also requires lot of ip address for translation...
Port Address Translation (PAT):
This is the most popular NAT Type being used All-over the world Because unlike the other 2 NAT Types it does not requires lot of public IP address for translation...
PAT Defines "Many Internal-ip address or private ip address can be mapped in to single external-ip or public-ip address"
In this case, many internal addresses can share 1 external IP address and Remember PAT CAN Also remember PAT can also be configured to provide translation from a pool of ip's also
It is more flexible than the other 2 types of NAT,that is why this method is more popular and have been used or implemented in most places like ISP'S ,corporates,organizations etc..
For more understanding please have a look at this picture
this method i.e PAT Also called as "overloading"..
Also remember while translation the NAT router does not use the same ports for 2 same hosts
For example if 192.168.32.10 and 192.168.32.12 are the 2 private ip's on the internet and if they are connecting to the internet,their request will be sent from 2 different ports say 192.168.32.10's request will be sent from port 101 of the NAT router and 192.168.32.12's request will be sent from port 102 of the NAT router ,this is been done to avoid confusion while sending the traffic back to the internal hosts (i.e 192.168.32.10 and 192.168.32.12)
1)Enhances the level of security within the Network by hiding its internal structure
2)Prevents exhaustion of ip-v4 address or reduces or conservers the use of ip-v4 address
3)When an existing IP Network is attached to the Internet, there is no need to replace the IP address of each and every host on the internal net - the task is accomplished by the NAT.
4)Also making network enumeration hard for the hackers,(From my personal experience i am saying )if the network is protected with NAT router ,you can not map the internal structure of the internal network unless you have access to one of them....
Dis-advantages:
1)Ip 2 IP TRACING is very hard
2)No Tracking of Protocol Information Other Than the Port Number Information
3)Limited Control on Initial Connections
4)Also some Applications and some protocols does not work with NAT,sat for example IP-SEC protocol which verifies packets for data-integrity will drop connections/data from the NAT connections because the NAT ROUTER modifies the source address during the translation,..
5)even tough it provides security,it is harder to implement ,maintain and trouble shoot.....
NOTE:I had written this paper on my own by referring many web-sites , articles and documents,Also if you feel i need to improve on any part please let me know,Also my english is not very good ,so kindly bear with it,...