• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 587
  • Last Modified:

PAT or NAT ?

I am having 40 clients (Windows XP) on local network and I am accesing (NAT) with my  clients some pay-able service (ACME) which is on another network.  
And ACME bills me every month for using their network, they charge for number of clients, they can see how many client connects to their network.

I know that I must pay, but I am paying for some clients which are using  ACME network only for couple hours on month.

Question is; can I hide some clients, when I am accesing to ACME network ? Using PAT ?


Thanks for help
0
Maddogslo
Asked:
Maddogslo
1 Solution
 
knightrider2k2Commented:
Probably NOT.

I suppose you are using ACME's network for internet access?
0
 
knightrider2k2Commented:
PAT means port address translation. If you are hosting servers like web or email servers, then you can use one public IP address and mapp diffrent ports to different machines.
0
 
dlangrCommented:
could you explain what acme service you are using or give us a link to it?
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
MaddogsloAuthor Commented:
I am using Acme as fictional company or corporation (acronym for : A Company (that) Makes Everything) instead real name company.
http://en.wikipedia.org/wiki/Acme



0
 
DavidLHCommented:
Most people who believe they are using NAT are really using PAT.  If you have a single outside IP address you are using PAT.  Real NAT is having one outside IP address for each inside IP address.  

"ACME" probably identifies your inside computers with some other mechanism besides the outside IP address of your network.  

The best to this problem is to make an internal usage policy for your network to make sure people do not use a computer for "ACME" just a couple hours per month.  I would restrict ACME usage to a specific set of computers that use it enough to make paying for the service worth while.

If making such a policy is not doable,  call ACME and find out if there is a different way to bill this.

The answer to the question is that changing NAT and PAT settings will not help, if it did I ACME would not be able to count how many people use the service they probably use a more sophisticated counting mechanism.

0
 
dlangrCommented:
They probably use some kind of fingerprinting.

Many operating systems have patterns in things like their selection of starting sequence numbers for TCP connections, for example.  You can figure out a fair amount about what is behind a NAT firewall by looking at things like that. see http://en.wikipedia.org/wiki/OS_fingerprinting

Another example: http://www.zdnet.com.au/news/security/soa/Tracking_PCs_anywhere_on_the_Net/0,130061744,139183346,00.htm

They might also be using (some kind of) cookies. see http://en.wikipedia.org/wiki/Browser_cookie 


0
 
dlangrCommented:
defeating their technique will require knowing what they use. Look into the possibilities and see what you can do to prevent that information to be published (or ask us).
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now