From Slashdot: Comcast goes after NAT users
Aaron
aaron at aarons.net
Fri Jan 25 05:58:18 CST 2002
Of course. Keep in mind that using IP fragmentation (with some fragment
overlaying techniques), any Packet filtering firewall can be bypassed to
reveal the machines behind it. Also, you can use products like NMAP and
Firewalk (under Linux, of course) to see if the offending machine is a
firewall-type device and what's behind it. Weather Comcast is that smart, I
don't know but from what I've heard from the people on this list and some
friends who use them, I doubt it.
Aaron
----- Original Message -----
From: "Duane Attaway" <dattaway at attaway.org>
To: "jim" <jim at weathercom.com>
Cc: <kclug at kclug.org>
Sent: Thursday, January 24, 2002 11:42 PM
Subject: Re: From Slashdot: Comcast goes after NAT users
> I have a question. How can they technically do this? Could this be scare
> tactics or can they really "see" other computers behind a firewall? Is
> there clues in the headers that give it away? Would they have to sniff
> port 80 and see the odd things like different browser versions at the same
> time (Linux Mozilla AND MSIE at the same time?) Maybe I haven't paid much
> attention to tcpdump, but I haven't seen any clues that any of those
> packets from my cablemodem are going to make a few additional hops.
>
> On Thu, 24 Jan 2002, jim wrote:
>
> > Any Comcast employees want to comment on this folderol. I only have one
> > computer, but it's connected to the 'net via a Linksys firewall/router
> > because Comcast won't do squat about security. They going to come after
me
> > next? I'm checking out DSL tomorrow.
>
More information about the Kclug
mailing list