Network Address Translation And Wi-Fi Network Security

NAT and IPv6

1. NAT means network address translation, which practically implies that a router or a firewall is translating addresses that come from the incoming interface, into different addresses flowing from the outgoing interface; conversely, when the response to the traffic comes back, it will re-transform the addresses in the original values. The typical case for NAT is to allow sharing of public IP addresses – which are a scarce resource – amongst many hosts, as opposed as assigning a public IP address for each host.

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

125.34.48.166 is a public IP address, which has been assigned to the organisation that wants to connect to the Internet; the addresses in the 10.0.0.0/8 range are of a private range, which is not allowed to route packets on a public network. The NAT server performs the translation of the addresses.

2. NAT technology help the network to improve the security by providing the private IP address. NAT packet forwarding technology helps to drop unauthorized packets.

3. NAT provide private IP address to the connected devices to resolve the less public address issue.  NAT is used in mainly IPv4 which is 32 bits. But the IPv6 is 128 bit IP address which can support lots of IP address and therefore, the NAT facility is not required.

Packet No.

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

Time

Source

Destination

Protocol

Info

6

0.305603

8.8.8.8

10.10.30.148

DNS

Standard query response 0x3536 A webfuse.cqu.edu.au A 138.77.5.135

Explanation:  This is a domain name resolution.

7

0.307007

10.10.30.148

138.77.5.135

TCP

64975 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM=1

Explanation: Start of three-way handshaking

20

1.126409

138.77.5.135

10.10.30.148

TCP

80 → 64976 [FIN, ACK] Seq=333 Ack=286 Win=30336 Len=0

Explanation:  End to the connection termination.

Frame No 2,3 and 6

The three-way handshaking for connection establishment

Frame No 7,8,9

Connection termination

Frame no 20

 a.

Access-list 35 deny 192.168.176.0 0.0.15.255

b.

Access-list 85 permit TCP any 138.77.236.58 0.0.0.0 eq 443

c.

ip access-group 105 in

access-list 20 permit tcp any host 138.77.15.77 eq smtp

access-list 112 permit tcp any host 138.77.15.77 eq 25

ip access-group 115 in

access-list 120 permit udp any 138.77. 232.10 eq domain 

1. Packet Sniffing : In Wi-Fi network packets are send wirelessly. If a user send any un-encrypted file over the network then it is very easy to capture this network packet and get the information. This procedure is called packet sniffing.   

Man in the middle attack:  Any hacker can trick the communicating device into sending the user transmission to an attacker’s system. Many type of malware can be implant into the user system through email, packets or Wi-Fi.  

2. Sniffing attack is passive attack so it is not possible to detect. One way to secure the network is using the SSL or HTTPS. Many Wi-Fi network is not possible to detect. But there are few tools are present for detecting some of the network those are nzyme and Graylog.

3 A Linux command and script is used for a particular target. After that this script searching the network and make some clone of this network into different channel. When the user try to connect with the real network then its make contact and connect it with one of the clone network. A SSL script is used to remove the HTTPS. After all of these the Wireshark or any other packet capturing tool is used to capture the network packets.