1

Possible Duplicate:
How can someone hack my PC if I am connecting to the internet through NAT?

Private IP addresses (172., 192. etc.) are not routable addresses, and not visible to the outside world due to NATing.
Even if some incoming traffic for these private IPs does hit a border router, I guess most commercial routers would be configured to not route the traffic.

So, does this, in any way, imply that my system, being on a private IP (172.) inside my University network, is safe from attacks from outside?

I agree that inside attacks can very well occur, but what about any adversary wanting to target me from outside?

Community
  • 1
pnp
  • 1,818
  • 2
  • 26
  • 42

1 Answers1

2

No. Though reducing your direct exposure to the Internet with NAT does reduce some risks as long as you are on an Internet connected network there are many ways for attackers to reach you.

Examples of tactics that evade or ignore NAT (not complete):

  • application vulnerabilities in client/server (web browser) or peer to peer software (Skype) you run.
  • phishing emails or fake websites with malicious payload or links to attacker sites
  • "drive-by" malware embedded in ads on otherwise legitimate sites
  • IPv6 (if enabled) usually does not use NAT
  • attacks within VPN or GRE tunnels
Luc
  • 31,973
  • 8
  • 71
  • 135
adric
  • 380
  • 2
  • 10
  • 1
    IPv6 does NOT evade or ignore NAT. –  Aug 30 '12 at 13:45
  • IPv4 NAT would be completely irrelevant to IPv6 if active. If the router and hosts have IPv6 enabled connections may be NATed or permitted depending on the default dual-stack configurations. I admit this is a bit of a stretch but I threw it in anyway for flavour. – adric Aug 30 '12 at 13:50