10.11 Exploit SecureNAT for Remote Access into Firewall without Any Permission

Combined revision comparison

...

Network Layout.Fig. 10-11-1Network Layout

...

VPN Server Manager.Fig. 10-11-2VPN Server Manager

...

Fig. 10-11-3 Creating a VPN Bridge Connection Configuration.

...

Fig. 10-11-4 Connection to the VPN Bridge Completed.

...

Fig. 10-11-5 The Virtual Hub Administration Window.

...

Enabling SecureNAT.Fig. 10-11-6Enabling SecureNAT

...

Fig. 10-11-7 Configuring the Cascade Connection to the VPN Server On the Internet.

...

Fig. 10-11-8 Remote Access Via SecureNAT.

...

Fig. 10-11-9 Packet Flow When Accessing the Internet Via SecureNAT  .

...

Due to potential security hazards do not use SecureNAT in the following ways: Do not make a network remotely accessible with general user privileges without receiving permission from the network administrator beforehand. Do not install VPN Bridge with SecureNAT enabled on a computer managed by someone else (such as at a company, university, Internet cafe, government office, airport, or other public place) and then access the Internet from home using that computer as a stepping stone without obtaining permission to do so beforehand. Do not install/configure VPN Bridge with SecureNAT enabled on an internal office network with the intention of illegally accessing that network from outside the office at a later time. Do not use it on a network for any other reason without obtaining permission from the network or system administrator or someone who has administrator privileges on that network beforehand. All of the methods of use described above are strictly forbidden under SoftEther VPN's end user license agreement and could be illegal under certain circumstances.

...

Fig. 10-11-10 Forbidden Usages of SecureNAT.

Other changes:

1. /body/p[11]/a/@class: " external" ⇒ nothing
2. /body/p[11]/a/@href: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/10-11-1.gif" ⇒ "http://www.softether.org/@api/deki/files/334/=10-11-1.png"
3. /body/p[11]/a/@title: nothing ⇒ "10-11-1.png"
4. /body/p[11]/a/img/@alt: "Click to enlarge." ⇒ "10-11-1.png"
5. /body/p[11]/a/img/@border: "2" ⇒ nothing
6. /body/p[11]/a/img/@src: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/10-11-1_small.jpg" ⇒ "/@api/deki/files/334/=10-11-1.png?size=webview"
7. /body/p[11]/a/img/@class: nothing ⇒ "internal default"
8. /body/p[11]/a/img/@style: nothing ⇒ "width: 550px; height: 388px;"
9. /body/p[12]/@style: nothing ⇒ "text-align: center; "
10. /body/p[27]/a/@class: " external" ⇒ nothing
11. /body/p[27]/a/@href: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/10-11-2.gif" ⇒ "http://www.softether.org/@api/deki/files/335/=10-11-2.png"
12. /body/p[27]/a/@title: nothing ⇒ "10-11-2.png"
13. /body/p[27]/a/img/@alt: "Click to enlarge." ⇒ "10-11-2.png"
14. /body/p[27]/a/img/@border: "2" ⇒ nothing
15. /body/p[27]/a/img/@src: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/10-11-2_small.jpg" ⇒ "/@api/deki/files/335/=10-11-2.png?size=webview"
16. /body/p[27]/a/img/@class: nothing ⇒ "internal default"
17. /body/p[27]/a/img/@style: nothing ⇒ "width: 470px; height: 550px;"
18. /body/p[28]/@style: nothing ⇒ "text-align: center; "
19. /body/p[31]/a/@class: " external" ⇒ nothing
20. /body/p[31]/a/@href: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/10-11-3.gif" ⇒ "http://www.softether.org/@api/deki/files/336/=10-11-3.png"
21. /body/p[31]/a/@title: nothing ⇒ "10-11-3.png"
22. /body/p[31]/a/img/@alt: "Click to enlarge." ⇒ "10-11-3.png"
23. /body/p[31]/a/img/@border: "2" ⇒ nothing
24. /body/p[31]/a/img/@src: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/10-11-3_small.jpg" ⇒ "/@api/deki/files/336/=10-11-3.png?size=webview"
25. /body/p[31]/a/img/@class: nothing ⇒ "internal default"
26. /body/p[31]/a/img/@style: nothing ⇒ "width: 550px; height: 353px;"
27. /body/p[32]/@style: nothing ⇒ "text-align: center; "
28. /body/p[35]/a/@class: " external" ⇒ nothing
29. /body/p[35]/a/@href: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/10-11-4.gif" ⇒ "http://www.softether.org/@api/deki/files/337/=10-11-4.png"
30. /body/p[35]/a/@title: nothing ⇒ "10-11-4.png"
31. /body/p[35]/a/img/@alt: "Click to enlarge." ⇒ "10-11-4.png"
32. /body/p[35]/a/img/@border: "2" ⇒ nothing
33. /body/p[35]/a/img/@src: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/10-11-4_small.jpg" ⇒ "/@api/deki/files/337/=10-11-4.png?size=webview"
34. /body/p[35]/a/img/@class: nothing ⇒ "internal default"
35. /body/p[35]/a/img/@style: nothing ⇒ "width: 550px; height: 413px;"
36. /body/p[36]/@style: nothing ⇒ "text-align: center; "
37. /body/p[38]/a/@class: " external" ⇒ nothing
38. /body/p[38]/a/@href: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/10-11-5.gif" ⇒ "http://www.softether.org/@api/deki/files/338/=10-11-5.png"
39. /body/p[38]/a/@title: nothing ⇒ "10-11-5.png"
40. /body/p[38]/a/img/@alt: "Click to enlarge." ⇒ "10-11-5.png"
41. /body/p[38]/a/img/@border: "2" ⇒ nothing
42. /body/p[38]/a/img/@src: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/10-11-5_small.jpg" ⇒ "/@api/deki/files/338/=10-11-5.png?size=webview"
43. /body/p[38]/a/img/@class: nothing ⇒ "internal default"
44. /body/p[38]/a/img/@style: nothing ⇒ "width: 550px; height: 440px;"
45. /body/p[39]/@style: nothing ⇒ "text-align: center; "
46. /body/p[42]/a/@class: " external" ⇒ nothing
47. /body/p[42]/a/@href: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/10-11-6.gif" ⇒ "http://www.softether.org/@api/deki/files/339/=10-11-6.png"
48. /body/p[42]/a/@title: nothing ⇒ "10-11-6.png"
49. /body/p[42]/a/img/@alt: "Click to enlarge." ⇒ "10-11-6.png"
50. /body/p[42]/a/img/@border: "2" ⇒ nothing
51. /body/p[42]/a/img/@src: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/10-11-6_small.jpg" ⇒ "/@api/deki/files/339/=10-11-6.png?size=webview"
52. /body/p[42]/a/img/@class: nothing ⇒ "internal default"
53. /body/p[42]/a/img/@style: nothing ⇒ "width: 550px; height: 445px;"
54. /body/p[43]/@style: nothing ⇒ "text-align: center; "
55. /body/p[47]/a/@class: " external" ⇒ nothing
56. /body/p[47]/a/@href: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/10-11-7.gif" ⇒ "http://www.softether.org/@api/deki/files/340/=10-11-7.png"
57. /body/p[47]/a/@title: nothing ⇒ "10-11-7.png"
58. /body/p[47]/a/img/@alt: "Click to enlarge." ⇒ "10-11-7.png"
59. /body/p[47]/a/img/@border: "2" ⇒ nothing
60. /body/p[47]/a/img/@src: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/10-11-7_small.jpg" ⇒ "/@api/deki/files/340/=10-11-7.png?size=webview"
61. /body/p[47]/a/img/@class: nothing ⇒ "internal default"
62. /body/p[47]/a/img/@style: nothing ⇒ "width: 550px; height: 413px;"
63. /body/p[48]/@style: nothing ⇒ "text-align: center; "
64. /body/p[59]/a/@class: " external" ⇒ nothing
65. /body/p[59]/a/@href: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/10-11-8.gif" ⇒ "http://www.softether.org/@api/deki/files/341/=10-11-8.png"
66. /body/p[59]/a/@title: nothing ⇒ "10-11-8.png"
67. /body/p[59]/a/img/@alt: "Click to enlarge." ⇒ "10-11-8.png"
68. /body/p[59]/a/img/@border: "2" ⇒ nothing
69. /body/p[59]/a/img/@src: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/10-11-8_small.jpg" ⇒ "/@api/deki/files/341/=10-11-8.png?size=webview"
70. /body/p[59]/a/img/@class: nothing ⇒ "internal default"
71. /body/p[59]/a/img/@style: nothing ⇒ "width: 550px; height: 358px;"
72. /body/p[60]/@style: nothing ⇒ "text-align: center; "
73. /body/p[64]/a/@class: " external" ⇒ nothing
74. /body/p[64]/a/@href: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/10-11-9.gif" ⇒ "http://www.softether.org/@api/deki/files/342/=10-11-9.png"
75. /body/p[64]/a/@title: nothing ⇒ "10-11-9.png"
76. /body/p[64]/a/img/@alt: "Click to enlarge." ⇒ "10-11-9.png"
77. /body/p[64]/a/img/@border: "2" ⇒ nothing
78. /body/p[64]/a/img/@src: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/10-11-9_small.jpg" ⇒ "/@api/deki/files/342/=10-11-9.png?size=webview"
79. /body/p[64]/a/img/@class: nothing ⇒ "internal default"
80. /body/p[64]/a/img/@style: nothing ⇒ "width: 550px; height: 398px;"
81. /body/p[65]/@style: nothing ⇒ "text-align: center; "
82. /body/p[70]/a/@class: " external" ⇒ nothing
83. /body/p[70]/a/@href: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/10-11-10.gif" ⇒ "http://www.softether.org/@api/deki/files/343/=10-11-10.png"
84. /body/p[70]/a/@title: nothing ⇒ "10-11-10.png"
85. /body/p[70]/a/img/@alt: "Click to enlarge." ⇒ "10-11-10.png"
86. /body/p[70]/a/img/@border: "2" ⇒ nothing
87. /body/p[70]/a/img/@src: "file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/10-11-10_small.jpg" ⇒ "/@api/deki/files/343/=10-11-10.png?size=webview"
88. /body/p[70]/a/img/@class: nothing ⇒ "internal default"
89. /body/p[70]/a/img/@style: nothing ⇒ "width: 550px; height: 385px;"
90. /body/p[71]/@style: nothing ⇒ "text-align: center; "