
EFF Lists Wi-Fi-Friendly ISPs

trifster writes "It appears that *some* ISPs encourage Wi-Fi hotspots from users' connections. Cnet News.com has the article here." The list itself is on the EFF's site. Most of the ISPs with policies against wireless NATing seem to turn a blind eye to it most of the time anyhow, though.
This discussion has been archived. No new comments can be posted.

  • ... after they see their name in SlashDot? I would imagine that somewhere in most ISPs there is someone on staff that reads SlashDot...

    Then again, that could be an advertisable feature... "Join XXX Online, your Wireless Friendly ISP!"*

    -Just my thoughts.
    RickTheWizKid

    *"XXX Online" may be a trademark of America Online, an AOL/Time Warner company. Then again, it may not be. I really can't be bothered to look it up.

  • Encouragement (Score:2, Interesting)

    by lennart78 ( 515598 )
    My provider offers DSL modems with wireless interface. They won't be bothered too much about it.

    As long as nobody is spamming or cracking through it of course...
  • What we need... (Score:2, Interesting)

    by zerosignal ( 222614 )
    ...is a site where people have/want broadband access and a wireless card can register to find other people in their area to share access with (by post/zip code).
  • by TrackerChamp ( 595492 ) on Wednesday July 31, 2002 @07:01AM (#3985130)
    It is indeed good news that some ISPs apparently accept reality (since they can't detect NAT on their nodes anyhow).

    However - especially here in Europe - many big Telecom companies have paid a huge amount of money (several US-billion $) to the governments to get a UMTS license because they thought it to be the only way of getting mobile Internet access.

    Now, when these ISPs actually do not prevent their customers from using their node as a WLAN access point for everybody, these ISPs could quickly become a target of the major telecom companies' law departments. For them, it is much easier to sue ISPs than single "abusers".

    And I think, regarding the momentary state of the economy and the possible mis-investment in the UMTS market, this is more than likely to happen.

    What do the others think?
    • I don't see the logic behind suing ISPs because the telcos failed to see there was 'another way' and paid a lot for those frequencies.

      Besides, voice-communication is still very important, and possibly the killer-app for mobile devices. Since the datacom vendors still haven't created a standard for VoIP, a 802.11b appliance with voice communication enabled has to be
      a:) very proprietary and thus will not be likely to be very interoperable.
      b:) equipped with a UMTS interface

      Besides that, I haven't looked into it recently, but probably the voice quality of VoIP won't be too good either...

      So probably mobile appliances will need UMTS to be able to function as a phone.
    • Are you saying this license excludes any other sort of wireless activity for their downstream users?
      • No, AFAIK these licenses do not include some sort of monopoly on mobile internet access.

        However, the mentioned ISPs are not among the biggest ISPs (compared to AOL, MSN or the national European telecom companies). The big companies like Deutsche Telekom (in Germany it is the most used ISP) especially prohibit the use of NAT in their EULA (I do not even dare to imagine what they would think of wireless NAT for an entire neighbourhood).

        Being pessimistic as I am, I can easily imagine them try to lobby the government to introduce some kind of regulation on these WLAN access-points. After all, frequency rights are still government dependent. And with all these ongoing discussions about tracking people's whereabouts using their mobile phone to detect "possible terrorists", it is IMHO more than likely that this is going to happen.

        • Well, if the ISPs charged customers on what they use, rather than gamble on what they expect them to use then they wouldn't have this problem.

          The core problem is false advertising. If every customer took up maximum capacity on their line they'd have something to say about that too -- but why should we be dealt a bad hand just because of their initial dishonesty?
    • I think it is possible to detect NAT by looking at sequence numbers on the packets going out.

      That is probably more advanced than most ISPs can handle (or want to handle) though.
    • since they can't detect NAT on their nodes anyhow

      I know some cable ISP's *cough*comacast*cough* restrict the access to a single MAC address coming from one IP. If they wanted to sacrifice the resources, they could theoretically detect NAT on their network.
      • yeah, but they don't bother. (thankfully)
      • I know some cable ISP's *cough*comacast*cough* restrict the access to a single MAC address coming from one IP.

        My cable ISP does this too, although they have no problem with using multiple computers through NAT. Because of this, I don't think MAC address is how they would detect NAT. The firewall sends everything out as the same MAC address. In fact, I had to spoof the MAC on the firewall because when I first connected, I used my laptop to test the connection, so it wants that MAC address all the time.

        I think there are other ways of detecting NAT, as the firewall has to do some mangling of the headers to help determine where the response should go, but I can't remember the specifics.

        • All you probably have to do (this is what I do when I change NICs or PCs) is release the IP address they assigned you, then when you DHCP request another one, it will be assigned to the MAC of that NIC. (In Windows I use ipconfig /release and /renew)
          • Good idea. With Linux, I should release / renew just by shutting down the ethernet interface and restarting, right? I haven't even bothered to try this. When I went to attach my firewall and it didn't work, I spent hours trying to figure out why. Once I spat out all the debugging information for the dhcp client, I saw clearly what the problem was, and spoofed the MAC address. I've just left the spoofed address there ever since.
      • erm...as far as I know, a NAT router only has one MAC address. All outgoing traffic goes through the router and thus appears to come from the same MAC. Plus, most good broadband routers will allow you to 'clone' the MAC of a machine on the internal network, so your isp will never even notice. Many isps already restrict access to one MAC *cough*Cogeco*cough* but my router shows the same MAC as my pc.
    • The main problem in Europe is not the ISP, it is the legislation mandating conservation of connection information. I will not share my wifi access because I'm liable for what an anonymous guy does on the net using my access.
    • However - especially here in Europe - many big Telecom companies have paid a huge amount of money (several US-billion $) to the governments to get a UMTS license because they thought it to be the only way of getting mobile Internet access.

      Since it seems like most of the governmental flames here are generally directed at the American government, I'm sure you'll understand if I take this opportunity to do some good ole'fashioned EuroBashing(tm)!

      Too bad all I can think to say is "Are you sure you don't live in America?"

  • As the differentiators between ISPs boil down to access speed, reliability, price and location, assuming you have a reasonable enough ISP for a reasonable price, there's little to encourage you to move to the competition.

    Promoting 802.11b hotspots and general connection sharing skews the usage up beyond statistical averages for a single user, but it DOES get more customers - in terms of new connections, or swings from competitors, as well as building community rapport. After all, no one likes being EULA-ed out of getting the best value for money.

    I'd be interested in comments from those that have set up a communal wireless area where the connection is priced per byte, rather than a flat rate, where EULAs prevent this sort of thing from maxing out the line.

    Aegilops

  • "Should we allow it? Why not?" Goldinstein said Tuesday.

    Certainly not. It is becoming fashionable to link everything about sharing as legitimate. To some extent it is alright, but when people want to interpret freedom as free beer that's when the things go wrong

    Moreover if Wi-Fi access is shared, going by the inherent nature of 802.11m you don't really have control over the person who give it to sharing it with other. So you may have exponential growth! This is what the article also warns about.

    In reality it is difficult to keep control, so it's better to let wireless access inside same home, allowing it would open up a hornet's nest, and unless the security issues with WiFi are resolved, it's better not to open the can

    • But in this case, sharing has been explicitly given legitimacy by the providers of the resource.

      The problem is 'implicit' sharing, or rather, when people believe that they can share without asking permission.
    • "Speakeasy's CEO has gone on the record in support of broadband sharing via wireless, basically saying 'you pay us for the bits you use and are welcome to do whatever you like with them.'"

      If you pay for the service, you should be able to do anything you want with the bandwidth that you are supposed to get. I don't think there is any harm in sharing your connection with your neighbors if you want to.
      • If you pay for the service, you should be able to do anything you want with the bandwidth that you are supposed to get. I don't think there is any harm in sharing your connection with your neighbors if you want to.

        I won't get into an argument of whether it's right or wrong, but as most are aware, high bandwidth ISP's promise a connection speed of "up to" some value, which is their way of saying that during peak times, you won't get this speed. They expect a single connection to their services to have periodic spikes of activity, not a constant level of activity at the promised speed. As you put more and more people on the same connection, you get closer to saturating that connection. Most ISP's have not planned their capacity to handle that, so it could really put them in hot water with regards to performance for their other customers.

        Like I said, I won't get into an immediate discussion of right or wrong, but we can't assume that an ISP with 1GB of total capacity on a particular loop has only sold 1MB connections to 1000 customers on that loop.

  • by blues5150 ( 161900 ) on Wednesday July 31, 2002 @07:02AM (#3985136) Homepage
    quoted from the article... "Speakeasy's CEO has gone on the record in support of broadband sharing via wireless, basically saying 'you pay us for the bits you use and are welcome to do whatever you like with them."
    • by GigsVT ( 208848 ) on Wednesday July 31, 2002 @07:23AM (#3985199) Journal
      Yeah, it makes sense. I mean if you ran an extension cord out your door and put a sign out "free electricity", I doubt the power company would have a problem with it at all. They would even happily install a new transformer on the pole for you if you wanted a bigger one so you could use more power.

      These ISPs that are trying to be assholes obviously are operating on broken business plans. Overselling bandwidth and then harassing your users into not using what you sold them isn't a valid business model.
      • Yeah, it makes sense. I mean if you ran an extension cord out your door and put a sign out "free electricity", I doubt the power company would have a problem with it at all.
        Electricity is metered. Broadband is not (yet).
        • As has been discussed previously on this site, us Aussies pay on the order of 0.15 AUD (0.08 USD or so) per megabyte for downloads.

          Nobody's intending to share their internet connections for free here. Instead, people are going to build citywide (and eventually nationwide) wireless networks.

        • Re:Bad analogy (Score:4, Interesting)

          by Raetsel ( 34442 ) on Wednesday July 31, 2002 @08:47AM (#3985652)

          • "Electricity is metered. Broadband is not (yet)."
          I must disagree. I will try to do so as respectfully as possible.
          1. When I signed up for 768/128 ADSL [blarg.net], the agreement specifically stated "unmetered transfers." While I was specifically prohibited from reselling the service, I could (and did!) give away access. (I only noticed one other person use my wireless -- perhaps there were more, but I only actually "saw" one.)

          2. Verizon (who was NOT my ISP) certainly didn't give a hoot about how much data crossed the physical line.

            Now, about that "metered" part...

          3. The amount of data that can be pulled through a 768-Kbit DSL line is finite. If your ISP charges you what it will cost them to route that much data, you aren't likely to hear complaints if you fill your pipe. (Though JWZ did, and he was using Covad at the time.) [dnalounge.com] Worst case in my situation -- 31-day month with 100% usage 24/7 -- works out to ~280 Gigabytes in a month. MAX. In a conversation with one of the Blarg techs, I learned it costs ~$110/month to route 1 Mbit/sec through a Tier-1 US backbone. That's not including physical circuit fees.

          4. The electricity argument is valid beyond the metering issue as well -- circuits (and transformers) have limits. If you provide one 15-amp circuit there is no danger of someone running their whole house off it, or setting up an electric-arc smelting operation (well, one of any size, anyway...) A flat-rate charge based on (120v X 15A)/1000 X 744 (hours in a 31-day month) X $0.10 (cost per KW/hour) means $134 will completely cover unmetered use of that 15-amp circuit.
          Unfortunately, I had to move. Where I live now is not DSL capable, otherwise I'd still be using Blarg. The cable modem provider doesn't care about NAT (or servers to a limited extent), but they don't want "free internet" out there "on their dime."

          Rather interesting, really... it seems the DSL providers have a more enlightened view of this issue than the cable providers. It shows the difference in culture and levels of greed. Also, my cable provider charges $15/GB for every GB (or fraction) over 10 GB/month. If I wanted to move as much data over cable as I could have on my DSL, my monthly cable bill would be ~$4100!!

          Perhaps prices need to rise somewhat for "free wireless" to be ignored by all ISPs, but unlimited internet access is most definitely feasible.

      • I'm not sure that's comparing apples with apples, except where

        1. Few others have electricity
        2. Electricity is paid for by the maximum throughput (ie peak current), rather than by the power transferred (ie total KWh).

        While some ISPs do charge by total data transfer (and hosting providers certainly do), most do not.

        Another allegory would be a restaurant who gets upset when their all you can eat customers share their meals with another 5 people. Not only are they losing revenue, but their chef can't keep up...

      • Yeah, it makes sense. I mean if you ran an extension cord out your door and put a sign out "free electricity", I doubt the power company would have a problem with it at all. They would even happily install a new transformer on the pole for you if you wanted a bigger one so you could use more power.

        A better analogy might be hanging up a POTS telephone outside with a sign that says "unlimited free local calls," because in most cases electricity is metered and local telephone service is not.

        (Some might argue that the telephone is different because you can not make a call on a line at the same instant someone else is. The same holds true for a packet switched connection, however, where two packets can not be sent at exactly the same instant. In both cases, your personal ability to use the service is reduced somewhat if you share it with others).

      • That broken business plan is exactly what every Slashdot user cries over. They don't want any ISP that would seemingly try and charge per usage(in bits).

        So it's nice we complain when we try and utilize all our bandwidth by sharing it with neighbors(whoever) and they aren't able to support this, or we complain when they want to cap our bandwidth and make us pay for what exactly we use.. hmmm..
        • Well, at least the rational ones are complaining for valid reasons.

          A lot of people are mad when these limits aren't disclosed, or the company lied. For example, when I got a cable modem a couple years ago, they said "15 times faster than a modem!", then later capped us at 384/126.
    • Likening sharing of bandwidth to either sharing of cable TV or to sharing of electricity is inaccurate.

      Consider sharing Cable TV. Once the wire hits my house, it is easy for me to share with my neighbor - I simply put a distribution amp in the line, and he now has signal. There is no additional drain on the cable TV's resources and no (technological) way the cable company can restrict this. As a result, my neighbor has no reason to buy cable, and I have just cost the cable company a customer. In the limit, the cable company has one customer who shares with the rest of the town, and the cable company goes broke.

      Now, sharing electricity. The electric company charges by the kW/hr, and aside from a relatively small non-usage related service fee the more joules I use the more I pay. If I run a line over to my neighbor, the electric company WILL make more money since my bill goes up. Thus, from a purely profit driven standpoint they lose nothing by this.

      Now, consider Internet connectivity. Few ISPs really charge you based on usage - I have a 384kbps DSL connection, but my ISP probably doesn't plan on me using 100% of that all the time. As such, if I give extra capacity to my neighbor, my neighbor loses any incentive to purchase a connection of his own, and the ISP loses money. Additionally, unlike cable TV, I am increasing the load on my ISP, so the argument "But I'm not HURTING anybody" really doesn't wash - I am sucking down more bandwidth and loading their system down. But unlike the electric company, it is harder for the ISP to charge on a resources-used basis.

      Now, some ISPs actually DO plan on you using 100% of your allotted bandwidth - this is usually the case for business-grade SLAs like those on T-1 type connections. In such a case, you are back to the idea of "You bought it, it's yours" - share all you want, we make money no matter what. In such cases, the ISP is not likely to care about sharing.

      In the normal case, however, the ISP is very much going to care, and sharing will be forbidden.

      Then, you have the weird cases where the ISP actively promotes wireless sharing because they sell that service too.
      • Either that, or they'll start charging you based on the bandwidth you actually get, rather than the fraction of your bandwidth they expect you to use. I think it's likely that a lot of ISPs will start giving you the option of buying exactly the bandwidth you want, and prohibiting sharing on the other plan.

        Actually, it's much more likely that they'll go to slightly better accounting. Something like 384kbps 25% of the time, 57kbps the rest of the time. If you use more than 57kbps for 6 hours in a day, you get capped at 57 for the rest of the day. If you don't want to get capped like that, you pay for the whole bandwidth all the time. Billing people according to usage is a pain, but making your network slow if you use too much bandwidth isn't too hard. And sharing isn't really that big a deal-- you can use up 384kbps by yourself if you try, and it's no different.
  • Then why shouldn't you be allowed to share the access, since the ISP is getting paid for it anyway.

    However if you're just paying a flat rate, then you're taking advantage of that, by letting other people use your access as well. I'd certainly be pissed if someone stole my bandwidth...
    • In the end, it's down to marketing. They advertise high bandwidth connections knowing that very few people are going to use anywhere near the total capacity.

      Sharing your access with others increases the probability that you're going to use near total capacity. And upstream, it just can't be sustained reasonably.

      It sounds to me like they need to revise what they promise customers rather than blame the customers for taking advantage of the advertised capabilities of the service.
    • It doesn't even matter if you are paying by the byte. They aren't selling that to you, what they are selling you is a connection to the internet, and it DOES have a maximum upload/download capacity, because the vast majority of companies cap their usage.

      I do agree that comparing this to electricity is a bad comparison, it is a lease of the upload/download capacity. Saying you can't attach a Wi-Fi node is as bad as some ISP's saying you can't host a webserver. I can do what I like with the leased item, but in the end, YOU can't charge me for the web server, I am providing it. Likewise in the end you can't charge me for Wi-Fi, I am providing that. The cable company provides no additional services for the charge, so they shouldn't be able to argue at all. I'd like to see a terminated customer sue so we can get some precedent for such cases.
  • by Scoria ( 264473 ) <slashmail@nosPaM.initialized.org> on Wednesday July 31, 2002 @07:10AM (#3985165) Homepage
    In no particular order:

    Wi-Fi [wi-fi.org] - IEEE 802.11b compliant products

    IEEE [ieee.org] - Institute of Electrical and Electronics Engineers

    EFF [eff.org] - Electronic Frontier Foundation, an organization dedicated to preserving online rights

    NAT [howstuffworks.com] - Network Address Translation, typically used to provide Internet address for a local area network while using only one external IP address

    ISP - Internet Service Provider, an organization who provides access to the Internet
    • NAT - Network Address Translation, typically used to provide Internet access for a local area network while using only one external IP address

      Perhaps I should stop using CmdrTaco's Spelling and Grammar Checking Agent.
  • In general, it's not that big of a deal.... A friend of mine works at an ISP, and he claims that only a small percentage of people are truly doing this, at least that they can find out. Most people who have wireless in their homes are doing it so they can sit out back by the pool with their laptop while they look at pr0n.

    Just my dos centavos.
  • To see if any of the ISPs become a victim of a disgruntled employee, Look out for the marks [msnbc.com] :-)
  • I love my Speakeasy!

    (To the tune of "I want my MTV")
  • Add RCN to that list (Score:2, Informative)

    by sowalsky ( 142308 )
    I'd like to mention that my own provider, RCN, encourages the use of NATs to distribute home cable-modem service to all of the computers in the household. Not only that, but they even offer IP address plans if you want external IP's for the computers. RCN will help fix a problem if there is an issue with the cable modem on an internal network, and even offer a paid home-network setup option that you can add onto a free basic installation to get your home network, Wi-Fi or otherwise, up, running, and secure.
  • For ANY broadband connection, you're paying for unlimited 24/7 time at a pretty high bandwidth (100-200KB/s). They sell you unlimited access, and that's what they should expect you to do.

    All four of these options on how to use one's unlimited access are essentially the same, and users should have the right to do any of them:

    1. Stay online 24/7. This may be done by avid file-sharers and/or downloaders. Some Linux people might want to download the latest ISO for every different distro.

    2. Though not using the connection 24/7 one's self, allowing others in one's household to use it when one isn't. If different people work different shifts, this is essentially 24/7 usage.

    3. Allow any of your neighbors to come in your home at any time and use your internet connection. Again, essentially the same as 24/7.

    4. Set up a WiFi network. Same as #3, but avoids security issues such as one's computer being stolen.

    ISP's are selling you unlimited bandwidth, and they should expect you to use it. They advertise 24/7 then whine when people actually do use their connection 24/7. Waaah.
    • Um no, you're paying for 24/7 bandwidth in your household. They'd be happy to sell you the same bandwidth for you and anyone you'd like to share it with, but they'd charge you more, because obviously the average bandwidth usage per customer will go up.

      If everyone could set up a wireless network for their neighbors, then the bandwidth provider is going to raise its prices (which will hurt those people who aren't going to set up such a network). In a few years, with wireless becoming very popular, this might actually happen.
    • I agree whole-heartedly. If they want to provide me with service restricted to "256Kbps and 30 GB/day between the hours of 7 am and 7pm, etc..." then that is what they should advertise and sell. When they sell a service without listing restrictions, that is what I expect and what I should get. It should not matter who or how many use that bandwidth, or from where that bandwidth is used.

      On the flip side of this coin, how about the people who DON'T use the "maximum acceptable" bandwidth? I don't think any of the providers are sending them emails saying "Gee, you're saving bandwidth and we really appreciate you're not raising our costs." In my opinion, if you're going to complain when somebody uses everything you provide, you ought to be grateful to those who don't take advantage.

      My opinion of the way the companies should approach the "problem" of wireless-accessible broadband? Sell the service on a throughput measurement and throttle mean download speeds to the advertised rate. If they don't want to advertise what they REALLY want to sell, stop complaining when people use everything they can. Imagine going to an "All You Can Eat" buffet and being told you can't eat anymore because they didn't expect you to eat as much as 10 people. Hey, you promote unlimited usage - that's what I expect.
  • Why not set up a WiFi web between various broadband users, even if they use different services? This way, one can potentially get more bandwidth when others are at work or out. It also provides complete anonymity.
  • Blind eyes... (Score:4, Insightful)

    by jmegq ( 33169 ) on Wednesday July 31, 2002 @09:23AM (#3985881) Homepage
    Most of the ISPs with policies against wireless NATing seem to turn a blind eye to it most of the time anyhow, though.

    Timothy, that strikes me as a very irresponsible attitude in matters such as this. Didn't we say that about filesharing a year or two ago? Here at least is a case where we can vote with our patronage to companies that have good policies now, so they'll be around tomorrow when others have stopped turning a blind eye to it.

  • All this WiFi discussion is showing me just one thing: ISPs will begin to seriously consider to charge data transfer instead of connection speed or time.

    Nowadays ISPs plan infrastructure as telecom companies, they consider that an average user will use only x% of the bandwidth sold. Considering this they can lower prices and sell more.

    With wirelessNAT opened to everybody the average user will consume almost 100% of the bandwidth sold, so the infrastructure available needs to be extended, this is cost, and somebody must pay for this.

    They want to charge the user for the infrastructure extension, they always do this, but they can't raise prices this way, they need to find some other way.

    The only way to charge fairly is to charge by data volume instead of connection time or speed. That's why I think that all this WiFi discussion will lead to new charging policies, and I'm pretty sure that this is the future of ISP charging.

    • I, however, am fairly certain they will NOT change their charging policy. Why not? Probably most importantly flat-rate pricing provides the company with the cheapest billing system possible. Metered service can be implemented, but only at additional cost for everybody, and this is without considering dispute resolution ("Prove that I used 32 GB last month...") From a business perspective, it is probably just as profit-effective to raise prices slightly to compensate for the additional bandwidth required.

      As for fairness - when I signed up for broadband, I was not supplied concrete numbers regarding bandwidth availability, up-time, etc. But everybody who signs the $50/month dotted line expects just two things:

      (1) Reasonable availability of a relatively high-speed connection

      and

      (2) They will pay $50/month until the price changes.

      The family that uses their broadband for email and light surfing gets what they expected. The tech nut running a server for friends gets what he expected. How much more fair to the customer can it get?

      As for the company, fairness is dictated by their throttling capability. When they sign up a customer for 512Kbps bandwidth, they should assume the customer will use that bandwidth. They all throttle upload bandwidth (mainly to discourage running servers); they generally do NOT throttle download bandwidth because it is automatic. They have a finite capacity but it is to their advantage to use as much of that capacity as possible - they're paying for it. If they find it too expensive to add more capacity they will either allow the pipe to clog, thereby causing customers to leave (and unclogging the pipe); or they will raise prices to allow the additional capacity. Supply and demand on both sides of the provider. Their job is to balance one side with the other.

      Especially now with the glut of cheap bandwidth, I can't see providers killing the golden goose by metering broadband. Perhaps somewhere down the road when all the pipes are full and it becomes very expensive to add more. But that is easily 10 or 15 years away based on current usage.

      Just my humble opinion.
  • I am no network expert.

    But from my understanding, if you put up a NAT wi-fi router, how could your ISP determine you were sharing? I suppose they could monitor traffic and guess depending on what data was being sent, but come on...

    Am I missing something?
    • When you send out data through a NAT machine, although the return IP address is changed, the MAC address within the packet stays the same. This is so the NATting machine looks at the return packet, notices that although it has its own IP, it has a different MAC address from its own, and thus must be forwarded somewhere. This is a bit of an oversimplification, but hopefully you can see how it works.

      If an ISP were to start checking MAC address of inbound traffic, then it could fairly easily filter out traffic for 'unregistered' computers. Alternatively, it could have a look at the traffic, realise that although a lot of packets have your IP in them yet they have different destination MAC addresses. On this assumption, they could claim that you are performing address translation for other computers.

      Did I miss a bit?? I hope not :-p
      • Wow, thanks for the heads up! =)

        I was under the impression that when a connection went out, the router would open up a port and forward that port to your computer... thus when an incoming packet hit that port, it would remember which internal IP that port was linked to and pass it on. I wasn't aware that MAC addresses remained the same, although that does make sense.

        Thanks again. =)
      • Unfortunately you did miss a bit - MAC addresses have nothing to do with NAT, or at least not in the way that you suggest.

        From the 'How Stuff Works' linked to by an earlier poster, NAT can be implemented in these ways:

        Static NAT - Mapping an unregistered IP address to a registered IP address on a one-to-one basis.

        Dynamic NAT - Maps an unregistered IP address to a registered IP address from a group of registered IP addresses.

        Overloading - A form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports. This is known also as PAT (Port Address Translation), single address NAT or port-level multiplexed NAT.

        Overlapping - When the IP addresses used on your internal network are registered IP addresses in use on another network, the router must maintain a lookup table of these addresses so that it can intercept them and replace them with registered unique IP addresses.

        None of these rely on the MAC address, which isn't part of the TCP packet information anyway (afaik).
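
Added example, not part of the thread: a minimal model of the "overloading" (PAT) case listed above, showing that replies are matched to an inside host by the port the gateway assigned and that no MAC address takes part. The class name, the addresses and the starting port are made up for illustration.

```python
import ipaddress

class PatGateway:
    """Toy port-address translator: many private hosts share one public IP."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}   # (proto, private_ip, private_port) -> public_port
        self.in_map = {}    # (proto, public_port) -> (private_ip, private_port)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the LAN."""
        if not ipaddress.ip_address(src_ip).is_private:
            raise ValueError("inside hosts are expected to use private addresses")
        key = (proto, src_ip, src_port)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[(proto, self.next_port)] = (src_ip, src_port)
            self.next_port += 1
        return (proto, self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a reply; None means drop (no mapping)."""
        target = self.in_map.get((proto, dst_port))
        if dst_ip != self.public_ip or target is None:
            return None
        return (proto, src_ip, src_port, target[0], target[1])


def demo():
    gw = PatGateway("203.0.113.7")
    # Two LAN hosts pick the same source port for the same web server.
    a = gw.outbound("tcp", "192.168.69.4", 51000, "198.51.100.10", 80)
    b = gw.outbound("tcp", "192.168.69.5", 51000, "198.51.100.10", 80)
    # Replies are told apart only by the public port the gateway assigned.
    ra = gw.inbound("tcp", "198.51.100.10", 80, "203.0.113.7", a[2])
    rb = gw.inbound("tcp", "198.51.100.10", 80, "203.0.113.7", b[2])
    unsolicited = gw.inbound("tcp", "198.51.100.10", 80, "203.0.113.7", 45000)
    return a, b, ra, rb, unsolicited

if __name__ == "__main__":
    for row in demo():
        print(row)
```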

      • It depends on whether you're bridging or routing. Obilix notes that the MAC address is stripped, but that's only if you're routing. Many DSL and cable networks use a pure bridge mode in which you're essentially a leg of a larger Ethernet network instead of on your own IP subnet. Because of this, it would be possible for the ISP to see what kind of traffic is happening, although technically, the Ethernet packet that would get routed out over the bridged network on their end would have a MAC address of the NAT gateway machine, not the individual machines. But that traffic could be monitored, pretty easily.

        Also, NAT patterns, even if they're over routed connections, can be identified. A lot of NAT gateways aren't very clever because they don't need to be. If you're an ISP trying to "fight" address sharing, you could set up a cheap lab with typical consumer equipment, most of which shares the same firmware from Atmel (Linksys, SMC, Buffalo, D-Link, etc.). You could use some very simple analysis software to watch traffic and identify gateways.

        Fortunately, the makers of these inexpensive NAT hardware gateways have typically responded (or the firmware developers they license from have) and added anti-anti-ballistic missile code. It wasn't very long after cable companies were restricting access to a single MAC address that Linksys and other devices added a 'clone MAC address' option.
    • how could your ISP determine you were sharing?

      This one method is very easy, and it is totally passive on the part of the ISP. Many home networks which use NAT have the machines use the ISP's DNS servers directly. If you run a program like Ethereal on your network, you will notice a lot of queries like:

      • "DNS lookup for 192.168.69.4 to myISPsDNS.com"
      • "Reply from myISPsDNS.com 192.168.69.4 hostname not found."

      I suppose you could fix this by running your own local DNS server instead, so the only lookups that would go past the firewall would be ones for remote machines. But basically, if you have N computers behind your firewall, your ISP's DNS server could theoretically receive hostname lookups for each of them.

      Also, this shows that while you're using NAT, it may not necessarily be wi-fi. But if an ISP was reasonably suspicious, I suppose they could (based on the DNS lookup info shown above) send a van out to your street, try to connect to your network via wireless and bust you that way, but even then they still can't prove it was your wireless access point that they connected to.
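
Added example, not part of the comment above: a way to audit a resolver query log for the leak it describes, reverse (PTR) lookups for RFC 1918 addresses reaching an outside DNS server. The log format, the client addresses and the sample lines are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of resolver query-log lines; the format is an assumption.
SAMPLE_LOG = """\
2002-07-31T07:01:12 client=203.0.113.7 qtype=PTR qname=4.69.168.192.in-addr.arpa.
2002-07-31T07:01:15 client=203.0.113.7 qtype=A qname=slashdot.org.
2002-07-31T07:02:40 client=203.0.113.7 qtype=PTR qname=5.69.168.192.in-addr.arpa.
2002-07-31T07:03:02 client=203.0.113.7 qtype=PTR qname=4.69.168.192.in-addr.arpa.
2002-07-31T07:03:30 client=203.0.113.9 qtype=PTR qname=10.100.51.198.in-addr.arpa.
2002-07-31T07:04:11 client=203.0.113.9 qtype=PTR qname=bogus.in-addr.arpa.
"""

LINE_RE = re.compile(r"client=(\S+)\s+qtype=(\S+)\s+qname=(\S+)")
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def ptr_to_ip(qname):
    """Turn '4.69.168.192.in-addr.arpa.' into 192.168.69.4, or None."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        return None
    try:
        return ipaddress.IPv4Address(".".join(reversed(labels[:4])))
    except ipaddress.AddressValueError:
        return None

def leaked_private_hosts(log_text):
    """Map each client to the set of RFC 1918 addresses it asked PTRs for."""
    leaks = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m.group(2).upper() != "PTR":
            continue
        ip = ptr_to_ip(m.group(3))
        if ip is not None and any(ip in net for net in RFC1918):
            leaks[m.group(1)].add(str(ip))
    return {client: sorted(hosts) for client, hosts in leaks.items()}

if __name__ == "__main__":
    for client, hosts in leaked_private_hosts(SAMPLE_LOG).items():
        print(client, "leaks", len(hosts), "private hosts:", hosts)
```

Pointing the LAN machines at a local DNS server that answers for the private reverse zones, as the comment suggests, leaves this report empty.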

      • but even then they still can't prove it was your wireless access point that they connected to.

        Well, they could get on your network and send traffic to the web and see if it goes through your modem - but that would be abuse of your network.

        Is anyone aware of any ISP agreements that allow them to do just this with impunity (or if this has been tried)? =\
  • My company's ISP, Continet, is on that list. Sad to say that they've locked the doors and, I hear, asked all employees to turn in their keys. Dial up access has been cut off by the phone company (Qwest), DSL and ISDN appear to be working for the time being. A sign on their door claims that "other arrangements are being made". Fat chance.

    So you can scratch them off the list. Pity. So ends the long, slow slide in customer service.
  • I run an 802.11b network at the house so that my roommate, myself, and any hardware equipped guests can share the 'net. Of course, I don't tell AT&T this because I don't want them scrutinizing my account, looking for reasons to drop me for EULA violations. But what I find interesting is that AT&T has partnered with Linksys and is pimping the wired and wireless products on their home networking page [attbroadband.com]. While this is not in direct violation of the EULA, which does allow for a home network to be created, it only allows for a network that is accessed by the account holder, and residents of the immediate household (family, roommates, that Guy on the Couch). I just hope that AT&T realizes that Wi-Fi radiates, and that the range will surpass the walls of most of the houses that it is installed in.
  • You can also get dedicated wireless service [boingo.com] from EarthLink. They're spreading wireless access points all over the place via their partnership with Boingo.

  • It appears that their definition of supporting wireless sharing is that they didn't find any obvious prohibition in whatever copy of the TOS they could find on the web, if they could find one.

    They didn't look hard enough.

  • Unfortunately it seems as though most ISPs are downright hostile against their users these days. After all, some of their users have been hostile towards their systems. If the ISP can not take care of its security, someone will take care of their systems.

    I am a network engineer by trade. I am tired of ISPs not doing their job. Most large ISPs these days are acting more like cable TV providers than Internet Service Providers. What is your typical ADSL and cable Internet service good for these days anyway? You get a decent downstream rate, but your upstream rate is horrible, server ports get blocked, and too many "service" providers try to pass their customer a data link layer connection instead of a network layer connection -- there is a big service difference.

    NANOG is just not doing its job these days. NANOG represents the big corporate interests in North America for ISPs, but nobody is there fighting for the users of these services. I think it is time for the service providers to be reminded what the Internet is about.

    I am paying for the bandwidth. Let me do what I want with it!

    Providing an asymmetrical Internet connection is okay, as long as the user has symmetrical options available to them, and they receive a discount for the fact that they are saving bandwidth. Furthermore, providing high download rates to customers has no value to ISPs that entirely serve the residential market. If you do not have business customers in your collocation facilities who are also using the upstream bandwidth, then you are inefficiently allocating bandwidth.

    Prohibiting servers is blasphemous. This is the Internet, not cable television.

    Bandwidth providers are being like Intel and the clock cycle issue. Stop pushing these higher downstream rates as a marketing ploy when you can not provide any kind of Service Level Agreement (SLA). Having a 1.2Mbps downstream rate is worthless if you can not actually use it. 512Kbps is enough for the vast majority of home users. Oversubscription is a necessary evil, but do not abuse it.

    File sharing networks are not bad. People who are sharing copyrighted material and performing illegal acts are bad. Make a clear differentiation between the two. Blocking a service is bad in most cases -- when Code Red worm broke out, that was a good reason. I have no sympathy for customers having their circuits shut down for trading copyrighted material that they do not own -- stop being a voyeur and start being a player on the Internet, or else go back to watching TV.

    Start providing real services to your users. If ISPs had provided the NTP option in their DHCP lease messages and provided this information publicly, Microsoft would not have to include a client with their X operating system to synch the time to a clock that could be far too many hops away. Tell your users where your servers are and what you offer!

    Providing a data link layer connection is typically bad. If you are an ISP and provide only a data link layer connection to your customers (bridged DSL, all cable Internet that I know of, some wireless services) then you are responsible for their entire network, which really sucks for you. This should be provided as an additional service, not the status quo. On Cisco devices, use commands like "spanning-tree rootguard", "port protected", and most importantly, place each customer into their own individual VLAN and terminate their layer two connection at a layer three trunking interface -- this is what most DSL circuits that use Frame Relay or ATM do, they terminate at a trunking interface somewhere.

    I feel that ICANN and the NICs (ARIN, RIPE, APNIC) need to hit service providers over the head with a markup percentage cap for IP allocations. Charging me $45 a month for a /29 network block (8 IPs) is unacceptable (Qwest Communications). If you calculate the cost that a U.S. ISP pays ARIN for a net block annually in its most inefficient form, an ISP pays no more than 65 cents per IP address. In its most efficient form, your ISP may be paying less than 7 cents per IP address. In my case, that is somewhere between a 900% to 7300% markup.

    And you thought IP addresses were expensive. Nope.

    Reference http://www.arin.net/registration/fee_schedule.html

    On that note, not allowing your customers to receive a static IP allocation is horrible. It forces customers away from your service to someone else for no technical reason. The reasoning is entirely political/social.

    I would suggest that ISPs knock off the antics and start providing service to the last mile if they want to stay in business. This is what got them into the debt problem in the first place. Where were the customers going to come from if they do not have any network access? That fat core is doing you nothing now, Global Crossing.

    I am willing to pay $200 a month for a 512Kbps bidirectional layer three network connection with a first hop latency of less than 40ms, a /29 IP allocation with reverse DNS file control, permitting me to run servers in their terms of service agreement and to not block any port or IP protocol, and there is nobody who even comes close to providing service. I live in an apartment complex in the metro Orlando Florida area. The only option that I have is an oversubscribed Time Warner Road Runner cable Internet connection.

    I get most of my access by collocating a box in Denver at a friend's house and doing work that I need to do there. I had to send my box to another state just to get the access that I wanted.

    Screw you ISPs and the no demand excuse. The customers are demanding better service -- you just aren't providing it.
