Solved

PAT or NAT ?

Posted on 2006-11-16
7
550 Views
Last Modified: 2010-04-10
I am having 40 clients (Windows XP) on local network and I am accesing (NAT) with my  clients some pay-able service (ACME) which is on another network.  
And ACME bills me every month for using their network, they charge for number of clients, they can see how many client connects to their network.

I know that I must pay, but I am paying for some clients which are using  ACME network only for couple hours on month.

Question is; can I hide some clients, when I am accesing to ACME network ? Using PAT ?


Thanks for help
0
Comment
Question by:Maddogslo
7 Comments
 
LVL 7

Expert Comment

by:knightrider2k2
Comment Utility
Probably NOT.

I suppose you are using ACME's network for internet access?
0
 
LVL 7

Expert Comment

by:knightrider2k2
Comment Utility
PAT means port address translation. If you are hosting servers like web or email servers, then you can use one public IP address and mapp diffrent ports to different machines.
0
 
LVL 7

Expert Comment

by:dlangr
Comment Utility
could you explain what acme service you are using or give us a link to it?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:Maddogslo
Comment Utility
I am using Acme as fictional company or corporation (acronym for : A Company (that) Makes Everything) instead real name company.
http://en.wikipedia.org/wiki/Acme



0
 

Expert Comment

by:DavidLH
Comment Utility
Most people who believe they are using NAT are really using PAT.  If you have a single outside IP address you are using PAT.  Real NAT is having one outside IP address for each inside IP address.  

"ACME" probably identifies your inside computers with some other mechanism besides the outside IP address of your network.  

The best to this problem is to make an internal usage policy for your network to make sure people do not use a computer for "ACME" just a couple hours per month.  I would restrict ACME usage to a specific set of computers that use it enough to make paying for the service worth while.

If making such a policy is not doable,  call ACME and find out if there is a different way to bill this.

The answer to the question is that changing NAT and PAT settings will not help, if it did I ACME would not be able to count how many people use the service they probably use a more sophisticated counting mechanism.

0
 
LVL 7

Accepted Solution

by:
dlangr earned 500 total points
Comment Utility
They probably use some kind of fingerprinting.

Many operating systems have patterns in things like their selection of starting sequence numbers for TCP connections, for example.  You can figure out a fair amount about what is behind a NAT firewall by looking at things like that. see http://en.wikipedia.org/wiki/OS_fingerprinting

Another example: http://www.zdnet.com.au/news/security/soa/Tracking_PCs_anywhere_on_the_Net/0,130061744,139183346,00.htm

They might also be using (some kind of) cookies. see http://en.wikipedia.org/wiki/Browser_cookie


0
 
LVL 7

Expert Comment

by:dlangr
Comment Utility
defeating their technique will require knowing what they use. Look into the possibilities and see what you can do to prevent that information to be published (or ask us).
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now