Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comcast Gunning for NAT Users 979

phillymjs writes: "A co-worker of mine resigned today. His new job at Comcast: Hunting down 'abusers' of the service. More specifically, anyone using NAT to connect more than one computer to their cable modem to get Internet access- whether or not you're running servers or violating any other Acceptable Use Policies. Comcast has an entire department dedicated to eradicating NAT users from their network. We knew this was coming since this Slashdot article from two months ago, but did anyone think they'd already be harassing people that are using nothing more than the bandwidth for which they are paying? It makes me very happy that my DSL kit arrived yesterday, and I'll be cancelling my Comcast cable modem early next week." Earthlink and Comcast have both been advertising lately their single-household, multi-computer services (and additional fees) -- probably amusing to many thousands of broadband-router owners, at least until the cable companies really crack down.
This discussion has been archived. No new comments can be posted.

Comcast Gunning for NAT Users

Comments Filter:
  • by the_radix ( 454343 ) on Thursday January 24, 2002 @05:52PM (#2897090) Homepage Journal

    "We regret to inform you, Mr. Anderson, that you have three different people in your household using this computer to access the internet. Your bill will be adjusted accordingly."

  • by VP ( 32928 ) on Thursday January 24, 2002 @06:06PM (#2897266)
    Consider this - a submission of the FoaF kind, no real evidence, but very much bound to bring an uproar among the /. regulars... The result - a pretty good list of things that can and cannot be done to accomplish the alledged NAT detection.

    In other words, we are doing Comcast's R&D for them...
  • Re:methods (Score:3, Funny)

    by sllort ( 442574 ) on Thursday January 24, 2002 @06:12PM (#2897336) Homepage Journal
    so if the TTL by default starts at all 1's (255) then a machine behind a NAT box would consistently report a TTL of 254 to the upstream router. that's a VERY good indicator.

    man, stealth NAT sounds like a fun project. it also sounds like something that would piss off large corporations if released as open source. i haven't gotten to write something that fun in a long time...

  • by chainsaw1 ( 89967 ) on Thursday January 24, 2002 @06:18PM (#2897401)
    (ring ring ring)
    b)We're with Comcast. We found that you are using multiple computer over your connection via NAT. Comcast is fining you for TOS violation and your new rate is now $150/mo
    c) But i'm not
    d) We have blah blah blah proof that you are
    e) No, I just run virtual machines on my one system. It the same computer, just running different operating systems at the same time. I was running my completely-approved MacOS with Virtual-PC open to Win98 which was running VMWare with Linux as a kind of side project to see how running a virtual machine in an emulator affects performance.
    f) oh

    They can't differentiate if you have multiple machines or one machine with multiple OS's unless you NAT a LOT of machines....

    just my thoughts, any feedback welcome
  • Hmm. (Score:5, Funny)

    by Heem ( 448667 ) on Thursday January 24, 2002 @06:20PM (#2897431) Homepage Journal
    Comcast Guy #1 We need to get computers off the network that are stealing our bandwidth!

    Comcast Guy #2 Gee, guy 1, How are we gonna go about doing that?

    Comcast Guy #3 Hmm. Ok, I have an idea Lets make up a story and post it to Slashdot, we'll tell them we are going to find them out,they are all evil bandwidth stealers, they will wonder how we are going to go about doing this, and in the process they will tell us EXACTLY what to do to find them out. Good thing for them or we'd have no clue whatsoever. Now we can spend more time making useless content that we can charge them money for

  • Re:Firewall (Score:5, Funny)

    by Kaa ( 21510 ) on Thursday January 24, 2002 @06:47PM (#2897626) Homepage
    How can they possibly suggest that I'm NOT ALLOWED to run a firewall? Especially seeing as how the freaking cable networks some of the worst offenders on portscans etc...

    Nah, you don't understand. You see, a computer is really like a TV and the fine folks at Comcast want to help you use it appropriately. You are not supposed to do anything but consume entertainment (and pay for it), so be a good boy and behave.

    As to a firewall, you only need one if you run servers, right? And you are not supposed to run any servers, it's right there in your TOS... Just think of the computer as a TV, it helps. If you don't have any open ports, you don't need a firewall, right?

    Whaddaya mean, Windows has open ports? Nope, couldn't be, Windows is a proper operating system and will not have such indecent thing as open ports, it's not like this hacker system, Lainuks. Just shut up and go away, will ya?
  • by Anonymous Coward on Thursday January 24, 2002 @06:53PM (#2897666)
    I went to vote in today's poll []. Normally, I think my vote has been counted, but today I received this message:

    slashdot login at company's proxy has already voted. (proxy for env.http_x_forwarded_for)

    That's a shame, because all web access (for over 200 employees) at my company comes thru one proxy.

    It looks like Slashdot's gunning for NAT users as well!

    (Maybe CowboyNeal's trying to stop The Evil Empire [] rigging our polls [] too.)
  • It's eke (Score:2, Funny)

    by Anonymous Coward on Thursday January 24, 2002 @07:16PM (#2897825)
    The easy way to remember is that "eek" could easily be spelled with a lot more "e"'s, as in "EEEEEEEEEEEEEEEEEEEEEK!!! A monster..."
    Whereas "eke" would never be said that way (and who the heck would say "EKEEEEEEEEEEEEEE"?)
  • by Rorschach1 ( 174480 ) on Thursday January 24, 2002 @07:20PM (#2897854) Homepage
    Additional charges for:

    - 'Premium' port traffic: Only business users would need IMAP or POP3 access to anything besides the ISP's own mail server, right?

    - More than 4 simultaneous TCP sessions. Your browser and mail program don't need any more than that, do they?

    - Email attachments over 1 MB. If you're sending big files, you're probably using it for business. And remember, no outside POP3!

    - Anything lower than an 8:1 download/upload packet ratio. Lower than that and you're obviously one of those peer-to-peer pirate scumbags.

    And don't even THINK of trying to tunnel or encrypt traffic!
  • by Cally ( 10873 ) on Thursday January 24, 2002 @07:53PM (#2898034) Homepage
    I don't see anyone else saying this: I think we shuold all say a big THANK YOU and WELL DONE to the friend who resigned his job over this - especially in today's economic climate. This sort of courage, to put one's own neck on the line over a principle, is sadly lacking amongst most of us. Well done, and best of luck finding another job with an more ethical employer.
  • by scoove ( 71173 ) on Thursday January 24, 2002 @08:26PM (#2898182)
    They say you can use multiple computers *if* you pay them money for extra IP addresses.

    Gosh, this is somewhat offtopic, but your post reminded me of a fortune 500 client I once dealt with. The MIS director (who had a remarkable resemblence to Dilbert's PHB) was bragging about how his company had purchased an ENTIRE CLASS A address block for only $15,000 from a consultant.

    Not a bad deal at all, until I saw the network numbers...

    The $15K was probably a fair consulting price for "introduction to RFC-1918".

  • by Anonymous Coward on Thursday January 24, 2002 @08:56PM (#2898311)
    Too bad AT&T Broadband is being bought by Comcast.
  • by jsse ( 254124 ) on Thursday January 24, 2002 @10:06PM (#2898584) Homepage Journal
    Gosh, this is somewhat offtopic, but your post reminded me of a fortune 500 client I once dealt with. The MIS director (who had a remarkable resemblence to Dilbert's PHB) was bragging about how his company had purchased an ENTIRE CLASS A address block for only $15,000 from a consultant.

    You are lucky that you only got one PHB. I received a fyi saying that the intranet was under 'attacked' by 'alien IPs' from the Internet. I managed to explain to PHB, PHB's PHB, PHB's PHB's sub-constractors, that 169.254 is not the prefix of internet addresses. They are supposed to be network specialists but haven't even heard of RFC1918. *shrug*

    Yes, you bet, I work for government. :)
  • Re:methods (Score:2, Funny)

    by B1 ( 86803 ) on Thursday January 24, 2002 @10:48PM (#2898720)
    I once had a cable modem hooked up through a linux box and then on to four PCs (myself and three roommates). One day, the cable modem mysteriously stopped working (it had been working for at least a month beforehand).

    When I asked the cable modem company about it, they wanted me to go to Control Panel -> Network...etc... I told them I was using Linux, and that's when their tech pretty much blew smoke up my ass.

    "Oh...well...our service can't work with Linux or Windows can only work with Windows 95 and MacOS. If it isn't already obvious to you why, I can't explain it to you". wasn't obvious why that would be the case...

    ...and he couldn't explain it to me either.

    (btw...rebooting the cable modem *DID* fix the problem)
  • by Pig Hogger ( 10379 ) <pig.hogger@gmail.NETBSDcom minus bsd> on Thursday January 24, 2002 @11:07PM (#2898805) Journal
    A year spent in artificial intelligence is enough to make one believe in God.
    So, does this means that atheists have been too much exposed to natural stupidity????
  • Re:methods (Score:2, Funny)

    by cl0secall ( 449952 ) on Friday January 25, 2002 @03:15AM (#2899564) Homepage
    What's next. a limit on dual CPU machines?

    Don't give them ideas...

... though his invention worked superbly -- his theory was a crock of sewage from beginning to end. -- Vernor Vinge, "The Peace War"