Why so many servers?

Forest Johnson forest.n.johnson at gmail.com
Thu May 7 16:29:05 UTC 2020


I just thought you guys would get a kick out of this -- Hacker
Traverses NATs using this one weird trick:  Network Admins HATE him!

http://samy.pl/pwnat/
http://samy.pl/chownat/

On Thu, May 7, 2020 at 9:12 AM Andrew Benson <drewbenson at netjack.com> wrote:
>
> Lol yeah I remember when I first heard about UPnP — thinking that it was a completely insane idea.
>
> Maybe it’s not insane, but …
>
> Somebody with more time on their hands than me needs to think of a new plan.
>
> > On May 7, 2020, at 9:05 AM, Robbie D <hello at robertdherb.com> wrote:
> >
> >
> >
> > On 5/7/2020 12:44 AM, Daniel Feldman wrote:
> >> Way back in the mid-2000s, there was this idea that applications on
> >> the network could request holes in the firewall programmatically so
> >> they could do peer-to-peer connections through a protocol called UPnP.
> >> It never really took off
> > To be honest, I'm kind of glad it didn't. I've never seen an implementation that lets you do UPnP on a per-device basis, so you'd either let nothing through, or potentially let everything through. At that point, you have to REALLY trust that no device on your network is unsecure, and as we've seen from IoT devices, that's too much to ask of consumer devices.
> >
> > And even if there were per-device rules on UPnP... Well, then you're right back where you started, having to configure your router for each device you want to allow through. It's a tough problem to solve, and I think STUN took off because it's as easy (For the user) as UPnP, but doesn't punch holes in your PC. Of course, there is still a level of trust needed, but at least getting into your network has the extra required step of compromising the server.
>


More information about the Friends mailing list