Comcast is, in fact, doing nat detection and thwarting now?


Post by Russ Ega » Wed, 26 May 2004 10:47:20


Just got hooked up to Comcast high-speed with a Comcast-provided
Motorola Surfboard model SB5120.

I initially had a single computer hooked to a Linksys WRT54G
wireless/router. Worked fine.

Then I connected another computer to the network via wireless. Every
time I try to access any web page (from any browser) on the second
computer, I'm redirected to a Comcast web page indicating I haven't
activated my account yet.

This is in Harford county MD. I just moved from Montgomery county MD,
about an hour south, and it worked there. My roommates and I had 5 or 6
computers behind the same wireless router, in varying combinations of
wireless clients and wired clients.

So am I just screwed? Is there something I can do to thwart the NAT
detection? Has anyone else discovered this new development?
 
 
 


Post by f/f georg » Wed, 26 May 2004 11:03:12

On Mon, 24 May 2004 21:47:20 -0400, Russ Egan < XXXX@XXXXX.COM >


Are you using a router or just trying to connect straight to the cable
modem? I have a router here in Northern Va. and I have SEVERAL
computers connecting just fine behind my router.

 
 
 


Post by Russ Ega » Wed, 26 May 2004 12:32:31


The Linksys box is a router, providing NAT for all my computers.

However, something even stranger has occurred. The second computer,
that was getting redirected to the Comcast web page, was left on for a
couple hours. It was then able to access the internet normally. Bizarre.

Also, I should note that while the computer was getting redirected, DNS
was working, and I could ping other internet addresses. I assume it was
only intercepting HTTP, or port 80 traffic or something.
 
 
 


Post by Warre » Wed, 26 May 2004 15:03:08




Unless they are sniffing packets, and unwrapping them far enough, they
can't even suspect NAT. And even if they unwrap them far enough to see
there was some NAT going on, there is still no way they could even guess
at the number of machines behind the NAT without long-term analysis. And
then it would just be a guess. There is absolutely no way they could
instantly know that you've plugged in a second computer behind a NAT
box. And even once they get to the point that they suspect multiple
computers, and they do enough packet-sniffing to play circus geek and
guess at how many computers may be behind the NAT box, they're not going
to be able to intercept the traffic from one computer, and not another.

Logical explanation for what did happen? Your router was in bridging
mode. At some point you probably reset the router, and it went into
gateway mode.

And of course you would be able to ping any address and get a response.
You were pinging the Comcast registration server. Ping was being
redirected just the same as your browser was being redirected.

Pretty simple. But it looks like paranoia has taken another victim.

--
Warren H.

==========
Disclaimer: My views reflect those of myself, and not my
employer, my friends, nor (as she often tells me) my wife.
Any resemblance to the views of anybody living or dead is
coincidental. No animals were hurt in the writing of this
response -- unless you count my dog who desperately wants
to go outside now.
Blatant Plug: Spend your Amazon gift certificates here:
http://www.yqcomputer.com/
 
 
 


Post by Jbob » Thu, 27 May 2004 05:55:36


I really don't think they care, but just in case, you can use MAC address
cloning if your router supports this option. They sometimes can tell what
devices the modems are hooked to by the MAC address.
 
 
 


Post by no one in » Sat, 29 May 2004 01:33:13



More to the point, the modems in the old pre-DOCSIS days were often
set to accept the traffic of many MAC addresses but now the new security
policies are allowing only as many MAC addresses as you are paying for
IPs for. Set all to the same MAC in the router, easiest to use the MAC
of the Ethernet card of the first PC, and that takes care of that
problem.
-Wayd Wolf