Reverse NAT/Intercepting Proxy Detection

info Nessus Plugin ID 31422

Synopsis

The remote IP address seems to connect to different hosts via reverse NAT, or an intercepting proxy is in the way.

Description

Reverse NAT is a technology which lets multiple computers offer public services on different ports via the same IP address.

Based on OS fingerprinting results, it seems that different operating systems are listening on different remote ports.

Note that this behavior may also indicate the presence of a intercepting proxy, a load balancer or a traffic shaper.

Solution

Make sure that this setup is authorized by your security policy

See Also

https://en.wikipedia.org/wiki/Proxy_server#Intercepting_proxy_server

Plugin Details

Severity: Info

ID: 31422

File Name: reverse_nat_detection.nasl

Version: 1.13

Type: remote

Family: Firewalls

Published: 3/12/2008

Updated: 4/11/2022

Configuration: Enable thorough checks

Asset Inventory: true

Supported Sensors: Nessus