Are slipstream attacks possible through an OpenWRT router with the default configuration?
It seems the NAT slipstream attack was announced the day before yesterday. In short, it is described as an attack on web browsers behind Application-level Gateway (ALG) capable routers. I do not fully understand whether that applies to OpenWRT or not.
What I did learn and understand is that according to Wikipedia, ALG is in netfilter on Linux. Unfortunately I could not detuct the answer to my question from reading OpenWRT's netfilter documentation. Skimming through upstream's netfilter docs gave me the impression protocol specific parts of conntracking should likely end up as separate kernel modules when enabled. Thus my belief is that an attack it is unlikely to succeed unless such modules are loaded.
Would it be safe to assume no slipstream mitigation needs to be taken on OpenWRT when find /lib/modules -name "*nf_conntrack_*" only returns ipv4, ipv6 and rtcache; i.e. nothing like e.g. ftp, h323 or sip?
Disable any browser extension that may hinder WebRTC
And run echo something here | (nc -vl localhost 3306 || nc -vvlp localhost 3306)on the LAN client?
I'm also wondering how it's "detecting local subnets". Those listed don't exist in my network and the results are not consistent on each visit. I did a quick read of his site, I think it just uses a list of common router IPs perhaps?
So how do I interpret the result of the test???
If I run the test and it first say I am a "odd fellow" and everyting gives unusable candidate and then I push the test button and it tries its magic over and over many times and then stops without never get a singel internal IP adress other than my routers Internet IP adress.
I guess that is a good ting, or what?