RMerlin is the developer of Asuswrt-Merlin firmware. He is referring to settings in Merlin router firmware.RMerlin wrote:The NAT Slipstream attack is the one that uses ALGs helpers to potentially compromise clients. I recommend making sure none of the settings on the NAT Passthrough page is set to "Enabled + NAT Helper", they should be either "Enabled" or "Disabled". I haven't tested this, but I would expect that ensuring NAT helpers are disabled to be enough to prevent this attack vector.
Those ALG are generally not needed by modern clients. For instance, I have both an ATA (for my home phone) and a direct IP phone (for work) here, both work fine without the need for an ALG helper.
Note that numerous browsers are now implementing mitigation methods by blocking certain ports used by these protocols.
NAT slipstreaming involving ALGs, including SIP ALG, doesn't just apply to Asuswrt-Merlin, of course: https://samy.pl/slipstream/.