|
The NAT Port Mapping Protocol (NAT-PMP) is a network protocol for establishing network address translation (NAT) settings and port forwarding configurations automatically without user effort.〔RFC 6886, ''NAT Port Mapping Protocol (NAT-PMP)'', S. Cheshire & M. Krochmal (April 2013)〕 The protocol automatically determines the external IPv4 address of a NAT gateway, and provides means for an application to communicate the parameters for communication to peers. NAT-PMP was introduced in 2005 by Apple as an alternative to the more common ISO Standard〔 ISO/IEC 29341, http://www.iso.org/iso/home/news_index/news_archive/news.htm?refid=Ref1185〕 Internet Gateway Device Protocol implemented in many NAT routers. The protocol was published as an informational Request for Comments (RFC) by the Internet Engineering Task Force (IETF) in RFC 6886. NAT-PMP is the precursor to the Port Control Protocol (PCP).〔RFC 6887, ''Port Control Protocol (PCP)'', Wing, Cheshire, Boucadair, Penno & Selkirk (April 2013)〕 == Operation == NAT-PMP runs over the User Datagram Protocol (UDP) and uses port number 5351. This protocol has no built-in authentication mechanisms, resulting in opening itself to abuse. Protocol design treats all hosts belonging to the router's local network as trusted and allows them to freely "punch" holes through the network firewall. Though extremely convenient, such a relaxed design opens itself to easy exploiting by malicious software running on any computer that belongs to the local network, or by any rogue computers that manage to gain access to the local network. As a result, intruders can access otherwise firewalled local network services by abusing malicious "holes" punched through the firewall.〔 Some of the NAT-PMP implementations aim to mitigate those issues by enforcing constraints to port mappings.〔(【引用サイトリンク】 AstLinux: Universal Plug'n'Play (NAT-PMP and UPnP) )〕 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「NAT Port Mapping Protocol」の詳細全文を読む スポンサード リンク
|