Can someone tell if I'm doing IP Masqing and is his considered prox

Can someone tell if I'm doing IP Masqing and is his considered prox

Post by ivan.samuel.. » Thu, 29 Jun 2000 04:00:00





 E.



>> I know with IP Masqing, it takes the packet from the internal
 machine and
>> then assigns a new source port number and slaps the real IP
 address of the
>> gateway onto it. My question is, can my ISP then determine whether
 or not
>> that packet is from the Linux box or from another machine that
 doesn't have a
>> real IP address assigned to (other than the internal 192.168.x.x
 one)? Or, no
>> matter what they do, will it always look like it can from the
 machine that
>> they assigned an IP address to and cannot tell in any shape or
 form that it
>> came from a different machine?
> You are correct.  All the packets appear as if they came from your
 one box.

So, they cannot in any way determine whether or not that packet came
 from my
Linux box or from the internal network? And, since you stated it is
 NOT
proxying, then I assume I'm not breaking their rules.

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=-=-=-

IT Architect II                * http://home.columbus.rr.com/isamuels
American Electric Power        * http://www.aep.com
Be sure to replace no.spam in my e-mail with isamuels when replying
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=-=-=-

 
 
 

Can someone tell if I'm doing IP Masqing and is his considered prox

Post by mike.e..fletc.. » Thu, 29 Jun 2000 04:00:00




> Got a question. I've been searching around to see if I can find the
 answer
> myself, but I haven't been able to.

> I have my Linux box hooked up to a cable modem. My provider has
 just stated they
> are getting ready to put into place a service that will detect
 people running
> game servers from their machines through the ISP, giving internet
 access to
> people outside of the ISP, proxying and of course, distributing
 warez and mp3s
> from their machines.

> I currently have my machine setup to do IP Masqing as well as a
 firewall. Noone
> can get in from the outside (without trying REALLY hard of course)
 and  I have
> my daughter's machine hooked up to the Linux box with the Linux box
 acting as
> the gateway using IP Masqing.

> I am NOT storing or distributing warez. I only allow access to the
 internet via
> machines within my local network and only those people with
 accounts on the
> Linux box are allowed to log into the network (I'm using Samba as
 an NT server
> to allow network logins to Win95/98 machines).

> What I want to know is, is there any way that my ISP can tell
 whether a  packet
> destined for the internet is from the Linux box (which has the IP
 address
> supplied to me by the ISP via DHCP) or from a machine in my
 internal network?

> I know with IP Masqing, it takes the packet from the internal
 machine and then
> assigns a new source port number and slaps the real IP address of
 the gateway
> onto it. My question is, can my ISP then determine whether or not
 that packet is
> from the Linux box or from another machine that doesn't have a real
 IP address
> assigned to (other than the internal 192.168.x.x one)? Or, no
 matter what they
> do, will it always look like it can from the machine that they
 assigned an IP
> address to and cannot tell in any shape or form that it came from a
 different
> machine?

You are correct.  All the packets appear as if they came from your
 one
box.

Quote:> They stated they do not allow proxying but a Linux box acting ONLY
 as a non-
> proxying firewall is allowed. Is IP Masqing considered proxying? I
 assume it
> is, but can they really tell whether or not that's what I'm doing?
 If it  isn't
> considered proxying, what IS the difference between IP Masqing and
 a  proxy
> server?

No IP MASQ is not a proxy.  It is just a way of routing packets.  A
 real
proxy would be a server daemon that retrieves documents on behalf of
another computer.

I would sudgest running nmap(a port scanner) or some tool simular to
 it
and see what ports are open on your computer.  Some distributions
 start up
an ftp server by default.  Your ISP may interpret this as you serving
 up
warez.


www.d2minternet.com

 
 
 

Can someone tell if I'm doing IP Masqing and is his considered prox

Post by manfred.ba.. » Thu, 29 Jun 2000 04:00:00




Quote:> > .... My question is, can my ISP then determine whether or not
 that
> > packet is from the Linux box or from another machine that doesn't
> > have a real IP address assigned to (other than the internal
> > 192.168.x.x one)? Or, no matter what they do, will it always look
> > like it can from the machine that they assigned an IP address to
> > and cannot tell in any shape or form that it came from a
 different
> > machine?

> You are correct.  All the packets appear as if they came from your
> one box.

Ok, that hold true if the ISP only looks at the source IP address.

It is still obvious though that a Linux box is used for NAT (or
masquerading in Linux terms) because the clients ports are translated
from the usual low thousands to the masqueraded ports in the 60000
range.  AFAIK, the NAT code in Linux 2.4 will change this.

--
Manfred

 
 
 

Can someone tell if I'm doing IP Masqing and is his considered prox

Post by m..buchenrie.. » Thu, 29 Jun 2000 04:00:00




[...]

Quote:>> What I want to know is, is there any way that my ISP can tell
 whether
>> a  packet
>> destined for the internet is from the Linux box (which has the IP
 address
>> supplied to me by the ISP via DHCP) or from a machine in my

 internal network?

Depends on the time and efforts spent by your ISP to analyze the
 contents and
headers of incoming and outgoing IP packets.

[...]

Quote:>You are correct.  All the packets appear as if they came from your
 one
>box.

That is basically correct - but it is actually very easy to see
 whether
the packets are coming from a box doing IP masquerading. The standard
port for masquerading is unusually high, and _this_ is easily
 detectable
by an ISP.

Quote:>> They stated they do not allow proxying but a Linux box acting ONLY
 as a non-
>> proxying firewall is allowed. Is IP Masqing considered proxying? I
 assume it
>> is, but can they really tell whether or not that's what I'm doing?
 If it  isn't
>> considered proxying, what IS the difference between IP Masqing and
 a  proxy
>> server?
>No IP MASQ is not a proxy.  

But thsi is irrelevant in the context. More and more ISPs are setting
 up
limitations like that to deny the use of more than just one machine
 per
dialup connection due to cost issues and bandwidth limitations. What
the ISP means by specifiying "proxying" in its terms is just that:
Using any kind of method for allowing more than one machine at a time
to be using the payed dialup connection. It's just more common
 (still)
to have a winproxy doing this kind of stuff, especially for hosting
game servers etc. then using Linux machines as masquerading boxes.
So if you run such a machine without the consent of your ISP, you're
violating your ISP's TOS and AUP .

Even if changing the default masquerading port would be trivially
 easy,
this is no solution. If your ISP doesn't want you to do that, get
 another
ISP and carry your money elsewhere.

Michael

--

 http://www.muc.de/~mibu
          Lumber Cartel Unit #456 (TINLC) & Official Netscum
    Note: If you want me to send you email, don't munge your address.

 
 
 

1. Can someone tell if I'm doing IP Masqing and is his considered proxying


Got a question. I've been searching around to see if I can find the
 answer
myself, but I haven't been able to.

I have my Linux box hooked up to a cable modem. My provider has just
 stated they
are getting ready to put into place a service that will detect people
 running
game servers from their machines through the ISP, giving internet
 access to
people outside of the ISP, proxying and of course, distributing
 warez and mp3s
from their machines.

I currently have my machine setup to do IP Masqing as well as a
 firewall. Noone
can get in from the outside (without trying REALLY hard of course)
 and  I have
my daughter's machine hooked up to the Linux box with the Linux box
 acting as
the gateway using IP Masqing.

I am NOT storing or distributing warez. I only allow access to the
 internet via
machines within my local network and only those people with accounts
 on the
Linux box are allowed to log into the network (I'm using Samba as an
 NT server
to allow network logins to Win95/98 machines).

What I want to know is, is there any way that my ISP can tell whether
 a  packet
destined for the internet is from the Linux box (which has the IP
 address
supplied to me by the ISP via DHCP) or from a machine in my internal
 network?

I know with IP Masqing, it takes the packet from the internal machine
 and then
assigns a new source port number and slaps the real IP address of the
 gateway
onto it. My question is, can my ISP then determine whether or not
 that packet is
from the Linux box or from another machine that doesn't have a real
 IP address
assigned to (other than the internal 192.168.x.x one)? Or, no matter
 what they
do, will it always look like it can from the machine that they
 assigned an IP
address to and cannot tell in any shape or form that it came from a
 different
machine?

They stated they do not allow proxying but a Linux box acting ONLY as
 a non-
proxying firewall is allowed. Is IP Masqing considered proxying? I
 assume it
is, but can they really tell whether or not that's what I'm doing? If
 it  isn't
considered proxying, what IS the difference between IP Masqing and a
 proxy
server?

Thanks!

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=-=-=-

 Architect II      
        * http://home.columbus.rr.com/isamuels American Electric
 Power        *
http://www.aep.com Be sure to replace no.spam in my e-mail with
 isamuels when
replying
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=-=-=-

2. Dual-PPro + WebServer

3. Can someone tell if I'm doing IP Masqing and is his considered proxying?

4. Nic Card Problems

5. can someone tell me what I am missing here?

6. Linux Command

7. Compiling Linux..

8. How to tell if someone has used DOS too long

9. Could someone tell me how this is done?

10. setuid - can you tell me what I am doing wrong?

11. How do I get 'w' to say that i am doing something else