2

Let's suppose that I have a router and three computers connected to the Internet through that router. When I tried to get the external IP address for each computer, I got the same address. I think this is due to NAT translation. I want to know how a hacker can scan a specific computer of the three computers using nmap and get all information about that specific one.

Mark
computerSPro

2 Answers

3

For the most part, you can't. NAT acts somewhat like a firewall with a "default deny" rule. Unless you set up a DMZ or port forwarding, a computer on the "internet" side of the router cannot make unsolicited contact with the computers on the "private" side.

Mark
  • Yeah, I mean if behind a router there is a host based on Windows 7 and another host based on Windows 8. How can I scan only the host based on Windows 7? – computerSPro Aug 15 '14 at 09:04
  • As I said in my answer, you can't. The router prevents it. – Mark Aug 15 '14 at 09:06
  • Okay, but I wanna know how people can compromise a system if they can't scan it? – computerSPro Aug 15 '14 at 09:07
  • To greatly oversimplify, by making guesses about the nature of the system. – Mark Aug 15 '14 at 09:09
  • To be a bit of a pedant, NAT doesn't provide any security by itself and could leak internal addresses. See David's excellent answer to a similar question here: http://security.stackexchange.com/a/8773/47496 – Chris Murray Aug 15 '14 at 10:07
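
The behaviour described in the answer above, as an added example that is not part of any post on this page: a toy port-translating NAT showing why an outside host sees one address for all three computers and why unsolicited packets reach a LAN host only through an explicit port forward. All addresses are constructed (documentation ranges), the 3389 forward is hypothetical, and the strict per-remote filtering is an assumption, since real routers vary.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.10"   # constructed router WAN address (RFC 5737 range)

@dataclass
class Napt:
    """Toy port-translating NAT; filtering per remote endpoint is an assumption."""
    forwards: dict = field(default_factory=dict)  # public port -> (lan ip, lan port)
    flows: dict = field(default_factory=dict)     # (public port, remote) -> lan endpoint
    next_port: int = 40000

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection; the router records the mapping."""
        public_port = self.next_port
        self.next_port += 1
        self.flows[(public_port, (remote_ip, remote_port))] = (lan_ip, lan_port)
        return PUBLIC_IP, public_port   # source address the remote side sees

    def inbound(self, remote_ip, remote_port, public_port):
        """Return the LAN endpoint a packet is delivered to, or None if dropped."""
        flow = self.flows.get((public_port, (remote_ip, remote_port)))
        if flow:
            return flow                          # reply to a flow a LAN host started
        return self.forwards.get(public_port)    # explicit port forward, else None

def externally_reachable(nat, outside_ip, ports):
    """Public ports where an unsolicited packet is delivered to some LAN host."""
    hits = {}
    for port in ports:
        target = nat.inbound(outside_ip, 55555, port)
        if target is not None:
            hits[port] = target
    return hits

def demo():
    nat = Napt()
    # Three LAN hosts each connect to the same constructed web server.
    seen = [nat.outbound(f"192.168.1.{n}", 50000, "198.51.100.7", 443)
            for n in (10, 11, 12)]
    same_ip = {ip for ip, _ in seen} == {PUBLIC_IP}
    reply = nat.inbound("198.51.100.7", 443, seen[0][1])   # solicited reply
    before = externally_reachable(nat, "192.0.2.99", range(1, 65536))
    nat.forwards[3389] = ("192.168.1.11", 3389)   # hypothetical port forward
    after = externally_reachable(nat, "192.0.2.99", range(1, 65536))
    return same_ip, reply, before, after

if __name__ == "__main__":
    print(demo())
```

The `after` result is the inventory worth keeping for your own router: every entry is a LAN service exposed to the Internet.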
0

I'm a noob at infosec but can't you do:

nmap 192.168.1.0/24

This assumes you are behind the router.

secnub
  • No, because to do that, you would have to be on that network. The question (which may not be entirely clear) is asking how an external attacker who isn't on that network would target a specific computer. – Xander Aug 15 '14 at 21:18