Jack Sprat configured his NAT. There seems to be a bit of confusion here about what NAT is, routers, etc. NAT = Network Address Translation (one public address translated into private IPs feeding multiple boxes). Also known (to Linux people mostly) as IPMASQUERADING. IPMASQ is identical to NAT {afaik}.
I would also like to clarify that a "router" in the consumer sense (Linksys BEFSR series, for instance) that is being used to share a single IP is performing NAT translations, so in a sense router=NAT.
My preference, btw, is FreeBSD (one of the OSes mentioned that is able to obfuscate the packet IDs).
I remember somewhere in one of my TOS's for a former cable co that it was inferred that it was ok to use multiple computers via a router/NAT system as long as you didn't resell the service to your neighbors!
I also remember a fellow on @home in California who was running a web server operation and had like six machines behind his Linux box, and they caught him and spanked him for commercial rate times six machines. I think they found him out via ARP tables or something.
On a semi-related issue, for those running Unix, look at a package called "port sentry"; it can automatically take action on port scanning events etc. In other words, it can see a port scanner coming and DUCK, or better yet, black hole the IP of the scanner! I have set this up for a few people who run web servers on attbi since att is in the habit of PSing their WAN sometimes several times per day. (ports from 1 to >10,000) (I can understand looking for "servers" but the "server" ports are all 1024, what are they doing in the tens of thousands?)
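
The general idea behind the scan detection mentioned in the post, as an added example (not from the post and not PortSentry's own code): flag a source that touches many distinct ports inside a short window and return it as a block candidate. The log format, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed sample log, one event per line: "<epoch_seconds> <src_ip> <dst_port>".
# Addresses come from documentation ranges; none of this is from the post.
SAMPLE_LOG = """\
1000 198.51.100.7 21
1001 198.51.100.7 22
1002 203.0.113.20 80
1002 198.51.100.7 23
1003 203.0.113.20 80
1003 198.51.100.7 25
1004 198.51.100.7 80
garbled line
1100 192.0.2.50 22
1200 192.0.2.50 23
1300 192.0.2.50 25
1400 192.0.2.50 80
1500 192.0.2.50 443
"""

def parse_event(line):
    """Return (timestamp, source, port); raise ValueError on malformed input."""
    ts, src, port = line.split()
    ts, port = int(ts), int(port)
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    return ts, src, port

def find_scanners(log_text, window=60, threshold=5, allowlist=frozenset()):
    """Map each flagged source to the time it reached `threshold` distinct
    ports inside `window` seconds. Both defaults are hypothetical tuning values."""
    recent = defaultdict(deque)  # source -> (timestamp, port) events still in window
    flagged = {}
    for raw in log_text.splitlines():
        try:
            ts, src, port = parse_event(raw)
        except ValueError:
            continue  # skip malformed lines instead of aborting the run
        # Never auto-block allowlisted hosts (gateway, DNS, monitoring).
        if src in allowlist or src in flagged:
            continue
        events = recent[src]
        events.append((ts, port))
        while ts - events[0][0] > window:  # expire events older than the window
            events.popleft()
        # Count distinct ports so a client retrying one port is not flagged.
        if len({p for _, p in events}) >= threshold:
            flagged[src] = ts
    return flagged
```

On the sample, only the fast sweep from 198.51.100.7 is flagged; the repeated hits on port 80 and the probes spaced 100 seconds apart stay under the threshold, which shows both the false-positive guard and the blind spot for slow scans.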