Will NAT hide your machines if a person is REALLY looking for them?

Posted on 2005-04-25
Last Modified: 2013-11-15
The ISP that provides cable internet access in my area has a policy that only allows you to have one computer on the network. If you have more than one computer on the network then you have to pay an extra $10.00 fee.

I have been arguing with a couple friends about this. I say that if you have a router that does NAT then there is no way that they would know if you had more than one computer on the network.

My friends say that is wrong. That even when using NAT certain info that relates to things like OS version and MAC address still can go through the router and that ISPs have automated ways of looking for this stuff. It sounds like bull to me but they swear that they know people who had NAT boxes set up who ended up getting busted by their ISP. The only time that their argument begins to sway me is when they point out "if NAT hides your machines then why would people set up Linux machines to do  IP Masquerade rather than just plain old NAT?"

So what is the true story on this?
Question by:xy8088

    Expert Comment

    if the story about NAT is true then think of this:
    Every server or workstation in an corporate office would be vurnebale by an attacker.
    So NAT hides you behind an Router or Firewall and if all ports are closed there is no way of telling how many machines are in that network or what kind of machines.
    Go ahead and try it out youeself using two computers on one router and then one external computer.


    LVL 27

    Accepted Solution

    There are somethings which like to phone home - particularly browsers.  However, this data is way inside the packet, your ISP would have to be sniffing all traffic which flows from you, or everyone, and decode all the way into the application layer to see it.

    However, one thing which your ISP could definitely see is the MAC address of your router, unless you spoof it, which would tell them it's a Linksys, DLink, or whatever.
    LVL 2

    Expert Comment

    Usuallly ISP do not have the time to check that.  I'm curious of futur answer here!
    LVL 6

    Assisted Solution

    No, they don't check, they base it off of bandwidth used.  That point of NAT is to make one public IP into many private IPs.   When the packet leaves the router, it only shows the IP of the external interface of the Router (on down the contents of the packet, the IP of the originating MAC address is shown).   Most ISPs don't waste the processing/man power to keep track.

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Join & Write a Comment

    The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
    This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now