I'm learning about TCP/IP and (Berkeley/UNIX) socket programming. Let's say I have two scenarios:
1) I write two programs in C, a client and a server, and bind them each to a non-well-known port on the same (Linux) host, and experiment with exchanging data using my (novice) C skills.
2) I run the server on the Linux host and run the client from a Windows machine that is on the same LAN (behind NAT). I think this means that the port on the Windows machine is "active open"? (Note that I don't yet know anything about WinSock or getting around NAT.)
In each of these cases, is it conceivable that some bot could scan for open ports while one or both of the programs are running behind NAT? If so, is there a way for an attacker to see the source of the custom programs I'm running and exploit misused pointers, do buffer overruns, etc.? This is a home network, and there's no reason that anyone would target it specifically.