[NTLUG:Discuss] [ms.g@noitacude.com: [sb1116] ALERT: Texas "super DMCA" moving through the legislature]
Kenneth Loafman
ken at lt.com
Fri May 23 11:23:26 CDT 2003
Rusty Haddock wrote:
> Darin W. Smith wrote:
> >On Fri, 23 May 2003 08:30:05 -0400, Rob Apodaca <rob.apodaca at attbi.com> wrote:
> >
> >>PC, how would they know if you were doing it? I really don't know very much
> >>about packets and what exactly is done to them when they go through nat...can
> >>an ISP detect if there are multiple PC's behind a nat or even if packets are
> >>being nat'd? Even if they could, I think you could mask that by simply
>
> My understanding is that each machine, in the IP headers, maintains
> a packet sequence counter, of sorts, and this is gonna be different
> between machines at any given time. Even if they were the same the
> numbers would begin to mismatch fairly quickly. This IP info is not
> mangled by the NAT so... you could, effectively, watch the stream of
> data flowing from a particular physical connection and check out the
> IP sequence numbers. If you start sucking down FTP packets from one
> host and then have a telnet connection going to another, the sequence
> numbers will be different unless they are from the same machine. Even
> if the sequence numbers are close together, numerically, the IP stacks
> on those machines would need to be synchronized to avoid this type of
> detection.
>
> This is my understanding. I really should check it out as I could
> very well be totally wrongo. :-0 Someone with more IP knowledge
> should correct me.
There is, theoretically, a Linux group that has solved this problem so
you can stealth a NAT connection behind a Linux router. I don't know
where it is, but my foggy memory remembers mention of it a couple of
months ago when these Super-DMCA bills started making their rounds.
...Ken
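
Added illustration, not part of the original thread: a sketch of the counter-tracking idea discussed above, assuming the per-machine counter is the 16-bit IPv4 Identification field and that each host increments it once per packet sent. The thresholds, function names and all sample IDs are constructed for the example.

```python
"""Count hosts behind one NAT address by clustering IPv4 ID values (constructed data)."""

MAX_GAP = 64        # assumed: largest forward jump still treated as the same counter
MIN_PACKETS = 3     # assumed: ignore chains too short to indicate a real host


def count_id_sequences(ip_ids, max_gap=MAX_GAP, min_packets=MIN_PACKETS):
    """Greedily split observed IP IDs (in arrival order) into per-host counters.

    Each packet joins the chain whose last ID it follows most closely
    (modulo 2**16, since the field is 16 bits); otherwise it starts a new chain.
    Returns the chains that contain at least min_packets packets.
    """
    chains = []
    for ip_id in ip_ids:
        best, best_gap = None, max_gap + 1
        for chain in chains:
            gap = (ip_id - chain[-1]) % 65536   # forward distance with wraparound
            if 0 < gap < best_gap:
                best, best_gap = chain, gap
        if best is None:
            chains.append([ip_id])
        else:
            best.append(ip_id)
    return [c for c in chains if len(c) >= min_packets]


def interleave(*streams):
    """Round-robin merge, standing in for packets mixed on one uplink."""
    out = []
    for i in range(max(map(len, streams))):
        out.extend(s[i] for s in streams if i < len(s))
    return out


# Constructed sample: three hosts with independent counters, one wrapping past 65535.
HOST_A = [100, 101, 102, 104, 105, 106]
HOST_B = [30000, 30001, 30003, 30004]
HOST_C = [65533, 65534, 65535, 0, 1, 3]
SAMPLE = interleave(HOST_A, HOST_B, HOST_C)

if __name__ == "__main__":
    for chain in count_id_sequences(SAMPLE):
        print(len(chain), "packets, IDs", chain[0], "..", chain[-1])
```

IDs that do not advance as a simple counter (for example, randomized ones) never form a chain, so this method reports no hosts for them.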