Install NATdet

I haven't found any tutorials about installing NATDet yet, so I just made one, it's very simple. Here is the official NATDet site: http://elceef.itsec.pl/natdet/ , there is a little documentation about it.

So, how to install: 

1. You need to install some packages:

• pcap
• bison

2. Install tcpdump

http://www.tcpdump.org/

3. Install ncurses

• Download it: http://ftp.gnu.org/pub/gnu/ncurses/ 
• Install: http://www.linuxfromscratch.org/lfs/view/development/chapter06/ncurses.html 

4. Download and install NATDet

Download: http://elceef.itsec.pl/natdet/ 

Install:

./configure
make
make install 

How to use it:

First, you should set your network interface to promisc mode, if you want it to be automated, set it:

/etc/network/interfaces

auto eth1

iface eth1 inet manual

        up ifconfig eth1 promisc up

        down ifconfig eth1 promisc down

Then:

/etc/init.d/networking restart && ifup eth0 && ifup eth1

Now, your network interface reads every packages, so you can start using natdet:

As shown in the readme:

natdet -v -i eth0 'RULES'

-v : verbose

-vv : more verbose

-i : set interface

-l : set log file

-d : run in background

- RULES : You can set up rules like in tcpdump

And now, just wait, it needs some time to find users who use NAT.