On Mon, Apr 10, 2000 at 12:42:00AM +1000, Ryan McBride wrote:
> Just a curious question, i dont know a lot about tcp/ip and so forth. If you
> were to have 2 linux boxes. One with a cable modem with ipmasq and another
> one with dial in lines attached to it, would it be possible for
> optus/telstra to detect this thorugh a port scan or other means. Obviously
Depending upon your kernel version ip masquarading will remap the IP addresses
to a range of ports. Most people don't ever bother to change the default
masquarading port range, so a clueful ISP could look for computers using
those ports and assume you were doing masquarading.
> depending on the number of dial in users being supported, you wouldnt have
> normal traffic patterns which would be a tell tale give away that something
> is happening behind your firewall. How easy/hard would it be to detect this
> from the ISP's point of view??
It is fairly simple to detect masquarading since it `renumbers' ports to
a well known range. Having them detect how these requests are being generated
(whether by traffic on a local lan or traffic from dialled in computers) is
neigh on impossible.
Unless, of course, you ask on a mailling list how hard it is to do.
There are people (at least from Optus) on this mailling list and I'd be
completely unsurprised if some people from Telstra were as well.
Anand
--
SLUG - Sydney Linux Users Group Mailing List - http://www.slug.org.au
To unsubscribe send email to [EMAIL PROTECTED] with
unsubscribe in the text
