Hi All,
Has anybody experience on detecting nat hole punching methods ?
It is used by several chat programs that use stun or could be used to
intrude.
The purpose is creating a peer to peer connection thrue multiple NAT
firewalls.
It produces lots off connections with connection_state S0 and history S,
e.g. syn
only packets.
This rfc explains https://tools.ietf.org/html/rfc5128.