Will NAT hide your machines if a person is REALLY looking for them?

Posted on 2005-04-25
Medium Priority
Last Modified: 2013-11-15
The ISP that provides cable internet access in my area has a policy that only allows you to have one computer on the network. If you have more than one computer on the network then you have to pay an extra $10.00 fee.

I have been arguing with a couple friends about this. I say that if you have a router that does NAT then there is no way that they would know if you had more than one computer on the network.

My friends say that is wrong. That even when using NAT certain info that relates to things like OS version and MAC address still can go through the router and that ISPs have automated ways of looking for this stuff. It sounds like bull to me but they swear that they know people who had NAT boxes set up who ended up getting busted by their ISP. The only time that their argument begins to sway me is when they point out "if NAT hides your machines then why would people set up Linux machines to do IP Masquerade rather than just plain old NAT?"

So what is the true story on this?
Question by:xy8088

Expert Comment

ID: 13863323
If the story about NAT is true then think of this:
Every server or workstation in a corporate office would be vulnerable to an attacker.
So NAT hides you behind a router or firewall, and if all ports are closed there is no way of telling how many machines are in that network or what kind of machines.
Go ahead and try it out yourself using two computers on one router and then one external computer.

Accepted Solution

pseudocyber earned 210 total points
ID: 13863372
There are some things which like to phone home - particularly browsers. However, this data is way inside the packet; your ISP would have to be sniffing all traffic which flows from you, or everyone, and decode all the way into the application layer to see it.

However, one thing which your ISP could definitely see is the MAC address of your router, unless you spoof it, which would tell them it's a Linksys, DLink, or whatever.

Expert Comment

ID: 13863411
Usually ISPs do not have the time to check that. I'm curious about future answers here!

Assisted Solution

BILJAX earned 40 total points
ID: 13863431
No, they don't check; they base it off of bandwidth used. The point of NAT is to make one public IP into many private IPs. When the packet leaves the router, it only shows the IP of the external interface of the router (on down the contents of the packet, the IP of the originating MAC address is shown). Most ISPs don't waste the processing/man power to keep track.
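
An added example, not part of any post in this thread: a simplified source NAT in Python that shows what the answers above describe, namely that the router rewrites the source address and port while application-layer data such as a browser's User-Agent header passes through unchanged. All addresses, ports and User-Agent strings are constructed sample values, and the packets are modelled from the IP header up because the Ethernet header (and with it the LAN hosts' MAC addresses) is replaced on every link.

```python
import socket
import struct

def csum(data: bytes) -> int:
    """RFC 1071 Internet checksum over an even-length header."""
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build(src: str, sport: int, payload: bytes) -> bytes:
    """Constructed IPv4 + TCP packet; TCP checksum left at 0 for brevity."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton("203.0.113.80"))
    ip = ip[:10] + struct.pack("!H", csum(ip)) + ip[12:]
    tcp = struct.pack("!HHIIBBHHH", sport, 80, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    return ip + tcp + payload

def snat(pkt: bytes, public_ip: str, public_port: int) -> bytes:
    """Simplified source NAT: rewrite source address and port, decrement TTL,
    recompute the IP checksum (a real router also fixes the TCP checksum).
    Nothing past the 40 header bytes is touched."""
    ip = bytearray(pkt[:20])
    ip[8] -= 1
    ip[10:12] = b"\x00\x00"
    ip[12:16] = socket.inet_aton(public_ip)
    ip[10:12] = struct.pack("!H", csum(bytes(ip)))
    return bytes(ip) + struct.pack("!H", public_port) + pkt[22:]

def observe(pkts):
    """Tabulate what is visible in the packets handed to it."""
    sources, agents = set(), set()
    for p in pkts:
        sources.add(socket.inet_ntoa(p[12:16]))
        for line in p[40:].split(b"\r\n"):
            if line.lower().startswith(b"user-agent:"):
                agents.add(line.split(b":", 1)[1].strip().decode())
    return sources, agents

# Constructed sample traffic: two LAN hosts with different browsers.
REQ = b"GET / HTTP/1.1\r\nHost: example.com\r\nUser-Agent: %s\r\n\r\n"
LAN = [build("192.168.1.10", 1025, REQ % b"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"),
       build("192.168.1.11", 1025, REQ % b"Mozilla/5.0 (X11; U; Linux i686) Firefox/1.0")]
WAN = [snat(p, "198.51.100.7", 40000 + i) for i, p in enumerate(LAN)]

if __name__ == "__main__":
    sources, agents = observe(WAN)
    print("source addresses seen:", sources)
    print("distinct User-Agent strings:", len(agents))
```

On the WAN side only one source address remains, but both User-Agent strings are still present in the unencrypted payload, which is the deep inspection the accepted answer says an ISP would have to perform.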
