Remotely Counting Machines Behind NAT

Printable View

February 6th, 2003, 04:14 AM
phishphreek

Remotely Counting Machines Behind NAT

I did a quick search for this and I didn't see anything on AO... so check this out!!!

Taken from www.slashdot.org

Quote:

Remotely Counting Machines Behind A NAT Box
Posted by timothy on Wednesday February 05, @04:40PM
from the you-knew-this-was-coming dept.
Overtone writes "Steve Bellovin of AT&T Labs Research has published a paper showing how to remotely count the number of machines hiding behind a NAT box (in IMW 2002, the Second Internet Measurement Workshop ). Your friendly DSL or cable broadband provider could implement this technique to enforce their single-machine license clause. Bellovin explains how to change the NAT software to defeat the measurement scheme, but the fix is complicated and unlikely to appear in commercial home gateways anytime soon."

The PDF is here.

It def. makes for some interesting reading. This could be some very bad news.

I would consider this a invasion of privacy. It is my business how I use the bandwith that I "rent".
Who is to say that I only have one PC that has web access and the rest are for other purposes? What a crock of you know what!

This also has a negative impact on network security too.
This technique can make it easier for an attacker to enumerate your network... amongst other things.
February 6th, 2003, 04:57 AM
Tedob1

i dont think its going to be 'considered` an invasion of privacy by the courts any more than the cable company measuring the number of tvs you have receiving their programming is. which is all the more reason we should learn all we can about it. if it can make them more money we can be sure its going to be used.

thanks!
February 6th, 2003, 05:24 AM
SoggyBottom

I was actually reading this doco today, and found it interesting, butI dont know how feasible it would be.

How do you distinguish between 1 user opening multiple sessions?
What about people behind proxies, can they be counted?

Never-the-less, good reading...
February 6th, 2003, 06:00 AM
g00n

it's not an "invasion of privacy" if you happen to have signed an agreement that you won't share your connection with more than one computer. Which is a clause alot of ISP's HAD in the past, not so much now, but it had been a valid concern in the past.

It might also help ISP's to tailor their service to people if they know that ALL of their customers have multiple pc's they might give special deals on hardware or services.

It's also useful in mapping the internet... but who knows what may come from this. Of course it also won't be long before someone comes up with a kernel or driver patch for linux that fixes this.. but i'm guessing all you router users are hosed.