How does the ISP detect and control multi-host shared ADSL connections?

Author: SkynetArticleSource: Skynet clicks: 1616 updated:

ADSL brings great convenience to Internet access. Many families have several computers. Through ADSL Internet sharing, they can access the Internet without interfering with each other. However, many friends recently told me that, if only one machine is connected to the Internet, everything is normal. If both machines are connected to the Internet, they cannot open the web page. According to a message, China Telecom has a new network hardware: Network Vanguard. I checked the information about the network Vanguard online. I only talked about the implementation function, but not about the implementation principle. To solve this problem, we must find out how it works if we cannot share the internet, there are two ways for ADSL to share the Internet. One is proxy and the other is address translation (NAT). Generally, the routing method is actually Nat, in fact, the principle of routing and Nat is still different. We will not discuss it here. Currently, ADSL cats generally have Nat functions. It is more economical and convenient to use its own functions to achieve Internet sharing, this article mainly discusses this method. If you want to block more than one computer from accessing the internet, you must find that there are more than one machine behind the sharing, as shown in Nat working principle 1, after Nat translation, the addresses of computers accessing the Internet over the Intranet are all changed to 192.168.0.1, And the MAC address is also converted to the MAC address of ADSL. That is to say, in principle, you cannot find several machines accessing the internet by directly capturing nat-converted packets at the ADSL egress. How did we find it? Figure 1. How Nat works I. analyze the cause First, use superscan to scan ADSL cats and find that port 161 is open, and port 161 is the SNMP (Simple Network Management Protocol) Service port. Is it the number of hosts discovered through the SNMP protocol, xscan is used to scan the cat's vulnerabilities. The default password is displayed. you can log on to the management interface of the cat but cannot find the place to close the SNMP service. It seems to be a backdoor left, from this, we can basically determine the number of hosts found through the SNMP protocol. In order to further confirm that an SNMP management software, activesnmp, is used to view the connection status of the ADSL cat, 2 shows that the SNMP protocol can clearly identify the number of hosts accessing the Internet at the same time. Figure 2. Connections in ADSL displayed by activesnmp Ii. Solution The solution is to block the SNMP protocol. There are several ideas as follows. 1. There is no place in the cat to disable the SNMP protocol. You can switch between a cat and a cat that can disable the protocol. 2. You can change the configuration file to a file, use the binary editing tool to change the default password, and then load it into the cat. This is just a way of thinking and has not been tried. 3. Buy an ADSL Router and place it in the area shown in Figure 3. Create a NAT service in the router. In this way, an address is entered into the ADSL cat, which solves the problem of shared Internet access. Disable the SNMP protocol in the vro.