Date:      Fri, 9 Apr 2004 09:39:45 +0200
From:      Dirk-Willem van Gulik <dirkx@webweaving.org>
To:        Rob <nospam@users.sourceforge.net>
Cc:        freebsd-questions@freebsd.org
Subject:    Re: FreeBSD router: Can my internet provider detect my home network?
Message-ID:  <12729D4C-89F9-11D8-BD91-000A95CDA38A@webweaving.org>
In-Reply-To: <407643B7.3080308@users.sourceforge.net>
References:  <407643B7.3080308@users.sourceforge.net>


On Apr 9, 2004, at 8:33 AM, Rob wrote:

> I plan to have a FreeBSD (4.9 stable) system serving as a router
> between my provider and a set of my home computers connected
> via a home network.
>
> My provider does not really like this, but I don't care so much,
> as long as s/he cannot detect (too easily) my home network.
>
Most ISPs do not care a toss, except perhaps for port 25
and port 80.

However, there is a fair chunk of software (we did some, and found
there was competition :-) which uses TCP sequence numbers to
detect NAT. Various forms of through-NAT fingerprinting can also be
used to make a stab as to whether there is 1 or >1 machines behind
a router. (Note that for legal reasons only the case N=1 versus N>1
is of interest; generally not the exact number.) Even if the TCP
and signatures are cloaked there is some easy-to-run software which
will look at application level signatures (HTTP Agent strings) or things
as simple as two IM logins in parallel. The objective is generally
to run such software over the 2-5% of your top bandwidth hoggers
to bring it down to a small number - and look at those in depth. What
you are really after is blatant abuse.

Dw
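
The triage described in the message above, as an added example that is not part of the original e-mail or of any software it mentions: restrict attention to the top bandwidth users, then answer only N=1 versus N>1 from the two application-level signals named (distinct HTTP User-Agent strings, parallel IM logins). All function names, subscriber ids and records are hypothetical, constructed sample data.

```python
# Constructed sample data (not real traffic); all names here are hypothetical.
BYTES = {f"sub{i:02d}": 1_000 * (i + 1) for i in range(40)}
BYTES.update({"sub07": 900_000, "sub21": 750_000})  # two heavy users
UA_SEEN = {
    "sub07": ["Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
              "Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6) Gecko/20040113"],
    "sub21": ["Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"],
    "sub03": ["Opera/7.23 (Windows NT 5.0; U)", "Lynx/2.8.4rel.1"],  # light user
}
# IM sessions as (account, login_time, logout_time), times in seconds.
IM_SEEN = {
    "sub07": [("alice", 0, 3600), ("bob", 1200, 2400)],    # overlapping
    "sub21": [("carol", 0, 600), ("carol", 900, 1500)],    # sequential
}

def top_talkers(byte_totals, fraction=0.05):
    """Subscribers in the top `fraction` by bytes transferred (at least one)."""
    ranked = sorted(byte_totals, key=byte_totals.get, reverse=True)
    return ranked[:max(1, int(len(ranked) * fraction))]

def parallel_logins(sessions):
    """True if two sessions under different accounts overlap in time."""
    ordered = sorted(sessions, key=lambda s: s[1])
    for i, (acct_a, _start_a, end_a) in enumerate(ordered):
        for acct_b, start_b, _end_b in ordered[i + 1:]:
            if start_b >= end_a:   # sorted by start: nothing later overlaps
                break
            if acct_a != acct_b:
                return True
    return False

def more_than_one_host(user_agents, im_sessions):
    """N=1 versus N>1 only; returns the list of signals that fired."""
    reasons = []
    if len(set(user_agents)) > 1:
        reasons.append("multiple User-Agent strings")
    if parallel_logins(im_sessions):
        reasons.append("parallel IM logins")
    return reasons

def triage(byte_totals, ua_seen, im_seen, fraction=0.05):
    """Candidates for an in-depth look: heavy users with at least one signal."""
    flagged = {}
    for sub in top_talkers(byte_totals, fraction):
        reasons = more_than_one_host(ua_seen.get(sub, []), im_seen.get(sub, []))
        if reasons:
            flagged[sub] = reasons
    return flagged

if __name__ == "__main__":
    print(triage(BYTES, UA_SEEN, IM_SEEN))
```

Both signals are heuristics (one machine can run two browsers), which is why the output is a short list for closer inspection rather than a verdict; `sub03` shows two User-Agent strings but is never examined because it is not a heavy user.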


