Slashdot Mirror


Remotely Counting Machines Behind A NAT Box

Overtone writes "Steve Bellovin of AT&T Labs Research has published a paper showing how to remotely count the number of machines hiding behind a NAT box (in IMW 2002, the Second Internet Measurement Workshop). Your friendly DSL or cable broadband provider could implement this technique to enforce their single-machine license clause. Bellovin explains how to change the NAT software to defeat the measurement scheme, but the fix is complicated and unlikely to appear in commercial home gateways anytime soon."

22 of 574 comments

  1. Top 5 ways to count # of machines behind a NAT box by Amsterdam+Vallon · · Score: 4, Funny

    5 -- Via the traditional finger point, coupled with the ever-popular audible counter increment

    4 -- Thermal image detection scan

    3 -- Utilize the same finger pointing mentioned in 5, but avoid the audible count as an enhanced privacy measure

    2 -- Avoid counting and caring about counting altogether; continue browsing Slashdot

    1 -- Call the dude with the NAT box and ask him!

    Free tech news & blogging for life -- *nix.org

    --

    Reply or e-mail; don't vaguely moderate. Ex-O'Reilly/MIT employee, now a full-time Google employee.
  2. What about NAT behind NAT? by Anonymous Coward · · Score: 5, Funny

    What about when I put a NAT machine behind a NAT machine? ;-)

    1. Re:What about NAT behind NAT? by Tumbleweed · · Score: 4, Funny

      Well, then, they'll just use their ANTI-anti-NAT technology!

      "No, no, not 'Anti-NAT,' that's my Aunt Natalie!"

  3. jerk by io333 · · Score: 1, Funny

    Please allow me to express the sentiment of most if not all home network users, as well as that of the companies that make routers for home use:

    Thanks a lot Steve you PRICK!

    1. Re:jerk by VivianC · · Score: 1, Funny

      Please allow me to express the sentiment of most if not all home network users, as well as that of the companies that make routers for home use: Thanks a lot Steve you PRICK!

      And if you ever do anything like this again, you will get another Slashdotting!

      --
      Viv

      Gmail invites for ip
  4. No way! by Arcaeris · · Score: 4, Funny

    "Your friendly DSL or cable broadband provider could implement this technique to enforce their single-machine license clause."

    Crap! Now I have to worry about my internet conn

  5. Re:Not where I'm from by Anonymous Coward · · Score: 2, Funny

    If by GTA you are referring to the Greater Toronto Area, then yes, because they are capping bandwidth and charging you extra if you go over limit. So go ahead, hook up as many computers as you want, they'll love it :)

  6. research.att.com Slashdotted? Give me a break. by Snork+Asaurus · · Score: 4, Funny
    Or maybe they think it's another Slapper.

    Maybe someone can fill us in.

    --
    Sigs are bad for your health.
  7. All my machines are single by Anonymous Coward · · Score: 1, Funny

    My friend says he has a couple of machines, though.

  8. FreeBSD by PunchMonkey · · Score: 5, Funny

    Our technique is based on the observation...that the "id" field in the IP header is generally implemented as a simple counter

    Recent versions of OpenBSD and some versions of FreeBSD use a pseudo-random number generator for the IPid field.

    So my FreeBSD will look like thousands of PCs? LOL, that sure would piss the cable company off.

    --
    I'll have something intelligent to add one of these days...
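
An added illustration, not code from the paper or from this thread, of the IP ID observation quoted in the comment above: chaining the ID values seen outside a NAT box into counter-like sequences yields one sequence per counter-based host, while randomized IDs form no sequence at all. The function names, thresholds and sample IDs are constructed for this example, and the gateway that rewrites IDs from its own counter is an assumed mitigation.

```python
from itertools import chain
from typing import Dict, List

MOD = 1 << 16  # the IPv4 Identification field is 16 bits wide


def count_id_sequences(ip_ids: List[int], max_gap: int = 64,
                       min_len: int = 3) -> Dict[str, int]:
    """Chain IP ID values, in capture order, into counter-like sequences.

    Each value joins the sequence whose last ID it follows most closely
    (forward distance 1..max_gap, modulo 2**16) or opens a new sequence.
    Sequences shorter than min_len are reported as noise, not as hosts.
    """
    sequences: List[List[int]] = []
    for ident in ip_ids:
        best, best_gap = None, max_gap + 1
        for seq in sequences:
            gap = (ident - seq[-1]) % MOD
            if 1 <= gap < best_gap:
                best, best_gap = seq, gap
        if best is None:
            sequences.append([ident])
        else:
            best.append(ident)
    hosts = sum(1 for s in sequences if len(s) >= min_len)
    return {"hosts": hosts, "noise": len(sequences) - hosts}


def interleave(*streams: List[int]) -> List[int]:
    """Round-robin merge, standing in for traffic mixed by the NAT box."""
    return list(chain.from_iterable(zip(*streams)))


# Constructed sample data: IDs as seen outside the NAT box.
HOST_A = [(100 + i) % MOD for i in range(8)]     # simple counter
HOST_B = [(65530 + i) % MOD for i in range(8)]   # counter that wraps past 65535
HOST_R = [48213, 9071, 30566, 61002, 17455, 2290, 39984, 53127]  # randomized IDs

mixed = interleave(HOST_A, HOST_B, HOST_R)
# Assumed mitigation: the gateway overwrites every ID from one counter of its own.
rewritten = [(7000 + i) % MOD for i in range(len(mixed))]

if __name__ == "__main__":
    print(count_id_sequences(interleave(HOST_A, HOST_B)))  # two counters
    print(count_id_sequences(mixed))               # random IDs fall out as noise
    print(count_id_sequences(mixed, min_len=1))    # naive count: every ID a "host"
    print(count_id_sequences(rewritten))           # one sequence remains
```

With `min_len=1` every randomized ID is counted as its own host, which is the effect the comment above jokes about.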
  9. Re:what if they are chained? by Snork+Asaurus · · Score: 5, Funny
    if your cable company is composed of jackasses

    You mean there are some that aren't?

    --
    Sigs are bad for your health.
  10. Quick! by kliklik · · Score: 3, Funny

    Let us quick slashdot the server before those "friendly" ISPs get the information and use it to count our machines.

    --
    guru in training
  11. Re:Not where I'm from by Anonymous Coward · · Score: 5, Funny

    Do you live in Liberty City or Vice City?

  12. AT&T can't stand slashdotting? by random_nick · · Score: 5, Funny
    Not even an AT&T host can stand slashdotting?

    --
    Even random is random. My nick, too.
  13. AT&T lets you connect five by Qrlx · · Score: 3, Funny

    According to their FAQ, AT&T lets you connect "four additional computers" to your cable modem.

    I'm thinking that even for Slashdot readers, five computers in the house with broadband internet will be sufficient.

    Read it here:
    Connect Multiple Computers to the AT&T Broadband Internet Service

  14. Attention Customer: by Snork+Asaurus · · Score: 5, Funny
    We are terminating your 28.8kbps dial-up service due to the following violation of the TOS:

    Our expert system has detected that you are sharing a single connection with 4,179 computers.

    --
    Sigs are bad for your health.
  15. Let's be real for a moment... by tkrotchko · · Score: 4, Funny

    The cable company can't tell when my cable modem is visible on the network.

    And now suddenly they're counting machines behind it?

    This is sounding like fantasy and science fiction to me.

    --
    You were mistaken. Which is odd, since memory shouldn't be a problem for you
  16. Re:Not where I'm from by PunchMonkey · · Score: 2, Funny

    I remember playing Grand Theft Auto (1) on my PC a few years back. At the start of the game an announcer booms "Grand Theft Auto".... the first time my friend heard it he thought the guy said "Down Town Toronto".

    --
    I'll have something intelligent to add one of these days...
  17. Re:Not where I'm from by Anonymous Coward · · Score: 1, Funny

    Simple explanation, your friend is autistic.

    Technical hypothesis, you are schizophrenic and you are blaming imaginary people for your own fuck ups.

  18. Re:trying to crack down on reselling by ewhac · · Score: 3, Funny

    It probably annoys the telcos to no end that a connection can be shared - they are more used to the "telephone" model, where there is one line going into the house and if 2 people want to have separate conversations then they need two lines.

    Well, the cable company is after me, and I can't understand why.

    I picked up a used VAX-11/780 a while back (had the word 'dagobah' scrawled inside the door, never figured out what that was about), and have a couple dozen friends and neighbors hooking up to it via a combination of Wyse-50 serial terminals and NDS dedicated X terminals. The terminals are "dumb" and can't do any local processing. All the compute resources are on the VAX, there are no NAT services running, and only one IP address is being consumed. So the connection isn't being shared.

    Still, the cableco is giving me static about connection sharing, saying it's tantamount to running NAT. I countered by saying that running NAT is tantamount to running a large multi-user machine. But their lawyers are better dressed than mine, and are threatening criminal cable fraud charges. I have no idea how it will turn out. If they decide to go to the mat, it'll be interesting to watch the local constabulary confiscate the VAX for forensic examination.

    Schwab

    P.S: Anyone know how to compile Quake2 for this thing? It keeps crapping out on the CPU_ARCH #define with the message, "Carmack hits you with a cluestick --more--".

    P.P.S: :-)

  19. Re:Not where I'm from by Spruitje · · Score: 1, Funny

    Multikabel/quicknet does not allow a router.
    But they do recommend you to use a firewall.
    The firewall I'm using is running Linux with an iptables based firewall.
    Behind it are 8 computers.
    So, it's not a router but a firewall.

  20. Re: Liberty City or Vice City by Anonymous Coward · · Score: 1, Funny

    in soviet russia, internet logs onto you!!!!