Jump to content

Question on NAT


MagnusTheRed90

Recommended Posts

I was wondering if from the outside the ISP could readily determine what individual computers on the other side of the router would be doing, example http browsing, while simultaneously accounting for the new Session Ids of the NAT table. They rotate or something. I was wondering if it was possible to see through the NAT configurations.

Link to comment
Share on other sites

If you can see all the network traffic coming out of the router, then you might be able to fingerprint distinct devices based on profiling the network traffic, see p0f for examples of how that works. You could then tie that to the protocols in use, for example you could identify a Linux and a Windows box and see the Linux box doing sporadic HTTP/HTTPS traffic while the Windows box is talking VOIP. From that you could say roughly what was going on.

But you can't see through a router, you can only see what is coming out of it.

Link to comment
Share on other sites

Question is simply about Network Allocation Tables. Not really aiming at much. Short story I may have seen a trick that I don't know how to quantify, but I could be barking up the wrong tree however.

 

Perhaps you should tell me what kinds of information p0f can tell you. Can it narrow it down to operating system and machine build?

Link to comment
Share on other sites

I am sorry. I will research p0f.

The trick is simply that I got the impression that people knew more about where I was browsing than they should in public places. Things like what I had ordered in my previous shopping cart. The computers have been rebuilt a few times. I lived in my parents house with several other people, so they should have not been able to differentiate between a sys-admin's traffic and a software developers.

Link to comment
Share on other sites

It is highly unlikely your friends are going to be able to sit upstream of your router and sniff traffic, if they could do that, then your ISP would be in a lot of trouble.

As long as you are browsing your shopping sites over HTTPS, then even if they could sniff the traffic, all they would see is encrypted data which they wouldn't be able to decrypt

Not sure what the comment about sys admin vs developers traffic has to do with anything, and if you are worried about your router, what does browsing in a public place have to do with it?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...