[LUG.ro] NATted Hosts

Alfredo Daniel Rezinovsky lugro@lugro.org.ar
12 Aug 2003 16:38:34 -0300


> AT&T Labs Research
> Abstract- There have been many attempts to measure
> how many hosts are on the Internet. Many of those endpoints,
> however, are NAT boxes (Network Address Translators),
> and actually represent several different computers.
> We describe a technique for detecting NATs and counting
> the number of active hosts behind them. The technique is
> based on the observation that on many operating systems,
> the IP header's ID field is a simple counter. By suitable
> processing of trace data, packets emanating from individual
> machines can be isolated, and the number of machines
> determined. Our implementation, tested on aggregated local
> trace data, demonstrates the feasibility (and limitations)
> of the scheme.

Esos "many operating systems" no incluyen linux ni freebsd, por lo menos
en los ultimos kernels.