I heard that when someone share their network bandwith of ADSL with their neighbor , They get the lawyer's letter of the ISP(China Telecom) to order them stopping sharing, because the contract has the items to limit sharing.

How does the ISP know that you are sharing? Someone say: by TTL value, when the packets pass a router, the TTL decrease. Is it?

Or by MAC address? Will iptables change the MAC when masquerade IP?

At last, does this item violate personal liberty?

Thank you and sorry for my English level :-D

Hi,

TTL value, why not...
MAC@ certainly not, since you use ppp protocol which doesn't use ethernet so you do not have a mac-address on Internet (see ifconfig ppp0, there's no harware address)

Anyway, that's queer, since even though your contract doesn't allow you to share with somebody else, it must be allowed to use the same connexion for 2 machines (ex. your laptop and your PC)... then it's not possible to tell if you have 2 PC on your own, or if the second is your naighboor's...

Thank you very much, and it's a good idea!

Over here in the USA, many DSL and cable connections are not allowed to be shared even on your own 2nd machine! However, it's rarely enforced.

Newbie networking question on this: If you're behind a router (the router being the only thing connected to the DSL/Cable modem), the ISP shouldn't be able to tell HOW many machines are on, should they? Or is that where TTL comes in to play?

TTL is a good clue that you might be sharing, but is not foolproof. It is a significant indicator of multiple machines with different OS', but that's about it.

Where I live here in ohio, the cable/dsl company dislikes it when you have more than one computer on your modem... However it clearly states that if you put a router in that they will only support the line to the modem, but the internal network is your responsibility.

They can packet sniff your default gateway and check packet headers to see where they are coming from. How they can determine whether it's your '2nd PC' or a friends PC from across the street is beyond me and automatically assume you're sharing with someone....

IPTables is a package that works at layer 3 and above of the OSI. MAC addressing, which is part of the physical network card, is at layer 2 so IP tables cannot alter your mac address, at least it shouldn't.

Personal liberty? Talk to your government. The only broadband services, here in the US, that do not allow you to share are cable internet companies. Since DSL is 'your own private circuit", ISPs and telco's of DSL users don't care what you do as long as you're not breaking any laws... All these stories of DSL ISPs not letting you share is a bit of a farce. DSL ISPs don't really care because DSL is an individual and private circuit that is not shared with anyone else......

Agreed. With DSL, why should they care if one computer uses 1.5 Mbps or 3 each use 500 kbps? Using iptables, it would be possible to conceal the NAT, I would think, by manipulating ttl as they pass through the iptables box. Of course, that breaks any tool like traceroute.

But I think that's because ADSL use the protocal: PPPoE. For example, If I do like this:
# /opt/snort/bin/snort -evd -i ppp0 -l ./snortlog
Yes, I can't find the MAC address and datas of link layer in the log file, but if I just:
# /opt/snort/bin/snort -evd -l ./snortlog
Now I see the MAC address ------ My PC's(as the gateway), The remote Server's and the virtual machine of vmware.

I'm not very clear about this, maybe anyone can give me some advice?

Thank you.

Speaking as one that was involved in the ISP biz, they don't really care how many computers you have. They need to keep your bandwidth usage as low as possible. The less computers on, the less likely you are to kill them on bandwidth. Bandwidth is a major issue as they're in a price war on the bottom end, giving away DSL circuits for as low as $19.95 a month now for 1.5Mbps! On the other side of it, there is no price war among the backbone providers. So, ISP xyz may be providing you with up to 1.5Mbps for $19.95, but they're paying $300-600 to get it to the backbone! As a result, they need to try to keep your sustained usage low so that the economics of scale and usage can play out (so that they can even survive, let alone make a profit)...

The router will hide the source's MAC address with its own MAC, so the ADSL-modem will re-encapsulate the packets by its MAC address as a router.

So I think the ISP or others can't judge that you are sharing by MAC, unless there are some problem of the router :-b