Slashdot Mirror

← Back to Stories (view on slashdot.org)

More On Detecting NAT Gateways

Posted by timothy on from the check-your-terms-of-service dept.

tcom91 writes "The Slashdot article Remotely Counting Machines Behind A NAT Box described a technique for counting NAT hosts. A recently published paper Detecting NAT Devices using sFlow describes an efficient way of detecting NAT gateways using sFlow, a traffic monitoring technology built into many switches and routers. This technology could be used to enforce single host access policies and eliminate unauthorized wireless access points."

2 of 438 comments (clear)

  1. Yawnn.. iptables? by MacroHard · · Score: 5, Informative

    iptables -t mangle -A OUTPUT -i eth0 --ttl-set 64

  2. Re:Ummm no ... by nolife · · Score: 5, Insightful

    Bullshit..

    Bandwidth (about $50-130/mb wholesale)

    Number of computers in a home environment does not automatically mean more BW. It may come in spurts but not more overall. I go online and do certain things every day. I can do this before, after, or during the times the kids are on and use the same exact BW either way. My firewall is reject unless specifically allowed (limits trojans and spurious connections), I use squid and have every PC set to use it via a proxy.pac autoconfig (currently at over a 45% hit rate after 80k requests) and a caching DNS server.

    Customer support (additional troubleshooting)

    Maybe, maybe not, I also think this would reduce support as you can eliminate probles related to your PC as you can try another one, or blame it on the ISP.. I would also suggest that a person with a multipc setup is probably smarter then the average computer user and would call support less.

    Security (more machines, more chance for trojans, etc)

    This is laughable. It would be much safer to have 15 computers behind a NAT box/firewall then one Windows or misconfigured Linux machine directly connected.

    Repairs (the guy with six people sharing a cable modem is going to expect instant service restoration, whether he's paying for it or not)

    So what your saying is everyone with one computer should not expect good service and fast repairs? They just sit back and wait for the ISP to find the problem and they should not expect the service to work when they need it?

    You do have points but those can not be seperated into those with and without NAT.

    And frankly, it ain't your network. If you want to start up an "all the bandwidth you want for free" ISP, knock yourself out.

    What do you mean set one up, they are everywhere. Check the advertisements for Comcast, RR, Verizon, Speakeasy, and many others. They all say pretty much the same... Unlimited internet and connected all the time so your online experience is fast and quick. Maybe they should change their tune. Kind of like my cell phone plan.. Unlimited nights and weekends, free long distance, unlimited phone to phone, and unlimited web access. Do you think I should feel guilty when I use it? I don't, that's what they are advertising and that's what I bought the damn things for. Sure as shit, I browse the web with the phone whenever i want, I call all my relatives after 9:00pm or any time during the weekend, and I call phone to phone just because I can.

    --
    Bad boys rape our young girls but Violet gives willingly.