Re: AKICIF: Mac Stuff



Keith F. Lynch <kfl@xxxxxxxxxxxxxx> wrote:
> David Dyer-Bennet <dd-b@xxxxxxxx> wrote:
>> (In fact the internet connection is to the household LAN, not to
>> any individual computer, and the software on my computer can't
>> control it.)
>
> The ads I keep getting for Verizon FiOS broadband Internet service
> say that the rates quoted are for one computer only, and there are
> additional charges for additional computers. I've wondered how they
> can tell. What does it even *mean* to say how many computers are
> connected if they're all on a LAN?

The most likely meaning for "one computer at a time" is one end system
generating or receiving traffic at a time, with the company determining
exactly what that means.

There are a number of possible methods for detecting multiple systems.
They basically rely on some variety of passive OS fingerprinting (see
the paper by Toby Miller at http://www.ouah.org/incosfingerp.htm).

One example is to examine the TTL field of outgoing packets. Different
operating systems use different default values for TTL, and the default
for a router is to decrement the TTL on all packets passing through.
So if, for example, you know that Windows uses a default TTL of 128 and
Linux uses a default TTL of 64, and your trace shows packets coming
through with TTLs of 127 and 63 you might speculate that there are at
least two systems, one running Windows and one running Linux, sitting
behind a router.

There are other examinations that can determine whether there are
multiple systems of the same type in use, although this is easier with
some operating systems than others. Additionally a sufficiently flexible
router could rewrite packets to mask both the identity of the router
and the fact that there are multiple systems behind it.

Robert
--
Robert K. Shull Email: rkshull at rosettacon dot com
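
The TTL reasoning in the post above, worked through as an added example (not part of the original message): it infers the initial TTL and hop count for each observed value, gives a lower bound on the number of systems behind one address, and shows that estimate collapsing once a router rewrites the TTL. The function names, the sample trace, the noise threshold and the 32/255 defaults are assumptions made for illustration; only 64 and 128 come from the post.

```python
from collections import Counter

# Default initial TTLs. 64 (Linux) and 128 (Windows) are the values the
# post cites; 32 and 255 are assumed additions for other stacks.
COMMON_INITIAL_TTLS = (32, 64, 128, 255)

def infer_initial_ttl(observed):
    """Return (initial TTL, hops taken): the smallest common default that
    is >= the observed value, and the difference between the two."""
    if not 1 <= observed <= 255:
        raise ValueError(f"TTL out of range: {observed}")
    initial = min(t for t in COMMON_INITIAL_TTLS if t >= observed)
    return initial, initial - observed

def ttl_profile(observed_ttls, min_packets=2):
    """Count packets per (initial TTL, hops) pair and drop pairs seen
    fewer than min_packets times, treating them as noise."""
    counts = Counter(infer_initial_ttl(t) for t in observed_ttls)
    return {pair: n for pair, n in counts.items() if n >= min_packets}

def estimate_min_systems(observed_ttls, min_packets=2):
    """Lower bound on end systems: distinct initial-TTL families seen.
    Hosts sharing an OS default look identical to this test."""
    profile = ttl_profile(observed_ttls, min_packets)
    return len({initial for initial, _hops in profile})

def mask_ttl(observed_ttls, fixed=64):
    """Model the masking router from the post: every outgoing packet
    leaves with the same TTL, whatever the inside host sent."""
    return [fixed for _ in observed_ttls]

# Constructed sample: TTLs seen on the provider side from one subscriber
# address. The single 254 is a stray packet below the noise threshold.
SAMPLE = [127, 127, 63, 127, 63, 63, 127, 63, 127, 254]

if __name__ == "__main__":
    print("profile:", ttl_profile(SAMPLE))
    print("systems (unmasked):", estimate_min_systems(SAMPLE))
    print("systems (masked):  ", estimate_min_systems(mask_ttl(SAMPLE)))
```

The result is only a lower bound: two Windows machines behind the same router both appear as TTL 127, which is why the post points to other examinations for telling apart systems of the same type.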