Community discussions

MUM Europe 2020
 
kkboy
just joined
Topic Author
Posts: 15
Joined: Sat Jul 10, 2004 12:42 pm

Prevent customers sharing their connection

Wed Feb 22, 2006 11:17 am

Hi all!

Does anybody knows how to prevent users(customers), sharing their internet connection? There is a solution for this, but I don't know it.

Thanks for your help!
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1729
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Wed Feb 22, 2006 11:25 am

Do you mean, find out are there masquerade network behing some router or just one PC???

You can try static APR entries, but some routers can easily change IPs.
With great knowledge comes great responsibility, because of ability to recognize id... incompetent people much faster.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24383
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Wed Feb 22, 2006 11:27 am

i don't think that this is possible, because router does not know what happens behind a pc - in the customers local network.
 
kkboy
just joined
Topic Author
Posts: 15
Joined: Sat Jul 10, 2004 12:42 pm

Wed Feb 22, 2006 11:36 am

Thanks for the fast answers.
Yes I mean that. So, the reason of this idea was that, there is a linux based os similar to MikroTik called Wnet Router Project. It can limit users, and prevent sharing their connection. It's a 100% working thing, but offcourse they don't realy want to share this knowledge. But I'm on it, and if I have some information I'll share it with you immedietaly.

Thanks again!
 
User avatar
djape
Member
Member
Posts: 469
Joined: Sat Nov 06, 2004 7:54 pm
Location: Serbia

Wed Feb 22, 2006 12:47 pm

You can try with filtering mac-addresses in ip firewall. Allow only customers mac-addresses and drop the rest.
Other solution is to limit number of concurent conections per ip, so even if they share, they will not be happy and you can explain them that it's due sharing violation rules ;)

Cheers...
I drink like a pirate and smoke like a hippie...
 
kkboy
just joined
Topic Author
Posts: 15
Joined: Sat Jul 10, 2004 12:42 pm

Wed Feb 22, 2006 12:50 pm

Wow! Good Idea! Thanks a lot!!!
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24383
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Wed Feb 22, 2006 1:19 pm

djape, but if the person is behind a nat, you will not see him. the mac filter will be useless, as the src-address will be the one from his router
 
kdavid
Member Candidate
Member Candidate
Posts: 139
Joined: Sun Jul 03, 2005 8:11 pm

Wed Feb 22, 2006 1:19 pm

Wow! Good Idea! Thanks a lot!!!
I m limiting number of connection per user ... :lol:
 
User avatar
Hugh Hartman
Frequent Visitor
Frequent Visitor
Posts: 92
Joined: Fri May 28, 2004 2:01 pm
Location: Fort Kent, Maine

Wed Feb 22, 2006 3:15 pm

The simple answer is no--all a subscriber has to do is plug in another router using NAT and run off that.
The complex answer, would be to inspect the packet for the IPid field and see what IP is being translated..
Google : "A Technique for Counting NATted Hosts" there is a pdf file from columbia.edu
 
kkboy
just joined
Topic Author
Posts: 15
Joined: Sat Jul 10, 2004 12:42 pm

Wed Feb 22, 2006 3:49 pm

I've just checked that documentation on counting natted hosts. According to this documentation, there's no way in mikrotik to prevent sharing the internet connection, exept the tricks you told me. (connection limits) Altough I'll try to contact the developer of the mentioned software, to tell me how they manged to limit this sharing.
Thanks again for the fast reactions.
 
User avatar
dbostrom
Member Candidate
Member Candidate
Posts: 133
Joined: Mon Dec 05, 2005 4:45 pm

Wed Feb 22, 2006 6:58 pm

Perhaps the first thing to address is, "What am I selling?" Bandwidth? Connections? Convenience? Annoyance?

Here in the U.S. we have approximately a fifth of the workers in our "healthcare industry" busily occupied with figuring out why people should --not-- get healthcare. It costs us "heathcare consumers" billions per year to --not-- get healthcare. Somehow the idea of prohibiting customers from running multiple hosts behind NAT reminds me of this.

Anyway, why not just throttle (strangle) the customer connection and leave it at that?
 
gmsmstr
Trainer
Trainer
Posts: 940
Joined: Fri Jun 04, 2004 2:22 am
Location: St. Louis, MO
Contact:

Thu Feb 23, 2006 2:24 am

The connection thing will definalty work. It will keep say, a home user from having 250 connections open, also works good for P2P apps.

Most people get from an ISP, "bandwidth". And they expect to get that regardless of what they are using it for. A good rule would be to put a connection limit on the single IP or MAC they are using, and then put a limit that a few people could use it.

I would get ticked if my DSL at home would slow down when I had 5 buddies over gamming on line! But, it is conceivable that 30-50 connections should never really be used by a home user. Even if I did have 5 buddies playing games online, 5 connections each is good. But what you want to stop is me putting an AP on my house and selling service or "GIVING" it to my neighbors, once you hit something like 10-20 users, that 30-50 connection limit will get hit more often.
 
changeip
Forum Guru
Forum Guru
Posts: 3804
Joined: Fri May 28, 2004 5:22 pm

Thu Feb 23, 2006 2:46 am

Aren't there certain tricks you can play with detecting the TTL of packets and if they vary you know there are more hops behind the router?

Sam
 
gmsmstr
Trainer
Trainer
Posts: 940
Joined: Fri Jun 04, 2004 2:22 am
Location: St. Louis, MO
Contact:

Thu Feb 23, 2006 3:15 am

Good question, don't know on that. I guess if you had someone Sharing with a AP, you could say somethin that was not more than xxx ms. But then what hapens if you have a busy network or interferance casuing issues that creates higher than normal ping times?
 
User avatar
jager
Trainer
Trainer
Posts: 296
Joined: Mon Oct 31, 2005 2:44 am
Location: Sierra Leone
Contact:

Thu Feb 23, 2006 3:19 am

Do not mess with ping times, it will for sure drive you to nowhere. Changeip`s TTL suggestion makes the most sence, i think.
NO, i don`t have the solution :) I just think that it might work.
But at the end .... if you sell the bandwidth to the user, why are you care is it shared or not? It`s payed, isn`t it? :D
 
changeip
Forum Guru
Forum Guru
Posts: 3804
Joined: Fri May 28, 2004 5:22 pm

Thu Feb 23, 2006 4:11 am

Read this entire thread to rehash what someone already started. I do not know if they were successful or not, but in theory it should work for most situations:

http://forum.mikrotik.com//viewtopic.ph ... hlight=ttl

Sam
 
bsnik
newbie
Posts: 36
Joined: Wed Oct 26, 2005 10:31 am

Thu Feb 23, 2006 7:52 pm

it was something about the TTL of the packets - the number for TTL change when the packet pass the router.
not 100% sure :)
 
User avatar
sten
Forum Veteran
Forum Veteran
Posts: 920
Joined: Tue Jun 01, 2004 12:10 pm

Fri Feb 24, 2006 4:09 am

also initial tcp window sizes may say something.

but i got to take the opportunity to rant about my views on this.
many people limit ports and protocols but it's almost always attacking the problem from the wrong angle. alot of packets slowing down your network? the solution alot of people reach for is blocking or restricting that sort of traffic.

how many people actually know what they are doing?
inexperienced administrators aka 12'o clock flashers (you know, those people who can't even set the time on their microwave and dvd player, hence 12 o'clock flasher) tend to come to dramatic conclussions like. "I don't want people to ping anything because of XYZ and so i must block icmp". And they do, block all icmp, but ping (aka icmp echo) is just one of many functions that icmp performs. Often this criples their network but in ways they haven't forseen that in turn can cause this 12 o'clock flasher to come to yet another dramatic conclussion.
here is one; "ok! since my <obviously underpowered> access point is experiencing problems i'll limit the number of connections my customers can have, this will show those paying bastards!" and thus the 12 o'clock flasher limits the users to 30 or so connections each.
now this would impede your average peer2peer downloader but one must also remember that firewalls sometimes remember connections long after they are over.
the end user (often referred to as paying bastard) has been surfing a few hours, all cozy and snug under a blanket with a hot cup of chocolate and then b00m! ap thinks the paying bastard has reached limit and thus no more anything! bastard gets upset and spills his chocolate making him enraged, calls the 12 o'clock flasher at 2 in the morning and demands his service back on line.
12 o'clock flasher can, assuming he hasn't blocked icmp echo, easily ping the bastard so he concludes that it must work and the bastard is not only a bastard but also an idiot.

what the 12 o'clock flasher eventually will learn is that firewalls add latency and complexity resulting in what it is used to solve; a slow network.

in the world of networking, when a problem manifests itself, it is in 9 out 10 cases just side effects of a real problem.
Move along. Nothing to see here.
 
User avatar
djape
Member
Member
Posts: 469
Joined: Sat Nov 06, 2004 7:54 pm
Location: Serbia

Fri Feb 24, 2006 6:04 am

:D nice one
I drink like a pirate and smoke like a hippie...
 
pedja
Long time Member
Long time Member
Posts: 684
Joined: Sat Feb 26, 2005 5:37 am

Fri Feb 24, 2006 11:06 am

i don't think that this is possible, because router does not know what happens behind a pc - in the customers local network.
Actually, it is possible. I have situation with my ISP that they somehow managed to partialy block traffic from users behind local routers. Users without routers can use connections without limits.

This of course was not intentional, but something went wrong with their MT. We are trying to find out what is the problem but without a luck.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24383
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Fri Feb 24, 2006 11:26 am

kudos to sten :) good one
 
User avatar
jager
Trainer
Trainer
Posts: 296
Joined: Mon Oct 31, 2005 2:44 am
Location: Sierra Leone
Contact:

Fri Feb 24, 2006 2:49 pm

@sten
Well written :)
 
telephone29
just joined
Posts: 24
Joined: Wed Oct 12, 2005 8:57 pm

how to work with TTL ?

Fri Feb 24, 2006 4:03 pm

> it was something about the TTL of the packets - the number for TTL
> change when the packet pass the router.


yes, this would be relatively easy way how to find "sharers". How can we use this in mikrotik? I didn't find anything in firewall nor mangle.
 
Hellbound
Long time Member
Long time Member
Posts: 509
Joined: Tue Oct 26, 2004 11:21 am

Fri Feb 24, 2006 5:58 pm

i don't think that this is possible, because router does not know what happens behind a pc - in the customers local network.
I can think of a way to detect if the PC is doing it but cannot think of a way how to actually block it and only allow the main pc to connect unless you block the whole thing...

however not sure if it really works...

I know there is some java script command to read the user's local IP and gateway... so you must setup a redirect page that will load every once in a while that even can be hidden from the user (no text in the page) which and in that page you can check user's local IP and compare it with what it suppose to be if it is in private ip range like (10.x.x.x) or (192.168.x.x) or (178.x.x.x) then it will be block...

any idea what I'm saying is correct? I think it can be done with javascript and some script in the mikrotik without extra package...
 
User avatar
sten
Forum Veteran
Forum Veteran
Posts: 920
Joined: Tue Jun 01, 2004 12:10 pm

Sat Feb 25, 2006 2:11 am

javascript could do that
Move along. Nothing to see here.
 
changeip
Forum Guru
Forum Guru
Posts: 3804
Joined: Fri May 28, 2004 5:22 pm

Sat Feb 25, 2006 5:54 am

javascript could do that
If the user is using javascript and didn't turn it off : ) Using a client scripting language isn't going to help blocking at the gateway IMO.

Sam
 
telephone29
just joined
Posts: 24
Joined: Wed Oct 12, 2005 8:57 pm

Sun Feb 26, 2006 12:11 am

hey guys forget the java stuff, it's nonsense.

Do you know how to find / mark / distinguish / do something with packets that have TTL equal, lower or higher than some threshold? I didn't realize anything.
 
cabana
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Fri Feb 18, 2005 9:18 pm

Sun Feb 26, 2006 6:57 pm

Personally I dont see the reason for doing this. If a customer is paying for a given bandwidth (shared or dedicated) he/she can do with it as he/she pleases. Although it would be interesting to find out how to do it.
 
dot-bot
Member Candidate
Member Candidate
Posts: 164
Joined: Tue Oct 11, 2005 7:05 pm

Mon Feb 27, 2006 11:15 pm

TTL ideas are easily beaten with MT/Linux. Sharerer just uses MT/other, turns on the certain functions and TTL is working and/or normalized as if he's not sharing.

If someone is haring his internet connection, browsers often send HTTP replies to servers that differ from PC to PC. Writing scripts/softs to run on a Linux gateway could detect such things.

But sharing an internet conenction shouldn't be prohibited. Does your water supplier company tell you: you shouldnt let your friends drink your water. You should't water the garden Outside your home, only if it's inside. That's lame. :lol:

What about those cases when a customer is splitting his conenction with his family in the next room? Prohibit those? No big ISP does this. ...
 
User avatar
sten
Forum Veteran
Forum Veteran
Posts: 920
Joined: Tue Jun 01, 2004 12:10 pm

Mon Feb 27, 2006 11:56 pm

Or even, if it's the same person with two computers. :)
Move along. Nothing to see here.
 
GJS
Member
Member
Posts: 418
Joined: Sat May 29, 2004 4:07 pm
Location: London

Tue Feb 28, 2006 3:35 am

But sharing an internet conenction shouldn't be prohibited. Does your water supplier company tell you: you shouldnt let your friends drink your water. You should't water the garden Outside your home, only if it's inside. That's lame. :lol:
No, but my water company does say that I cannot run a pipe to my neighbour's house so that they do not have to pay their water bill.
What about those cases when a customer is splitting his conenction with his family in the next room? Prohibit those? No big ISP does this. ...
All ISPs here in the UK prohibit use of the service outside the customers property same as the water company, the electric company, the gas company etc.

One particularly lame "big" cable ISP here used to require you to register a MAC address with them, one MAC address only. Big <> Clever :roll:
 
User avatar
sten
Forum Veteran
Forum Veteran
Posts: 920
Joined: Tue Jun 01, 2004 12:10 pm

Tue Feb 28, 2006 10:50 am

No, but my water company does say that I cannot run a pipe to my neighbour's house so that they do not have to pay their water bill.
Of course but unless your solution learns to differentiate between two different users and one user using two computers, it would be doing something it shouldn't.
All ISPs here in the UK prohibit use of the service outside the customers property same as the water company, the electric company, the gas company etc.
Of course, but they detect these scenarios when they notice higher than usual usage and send a guy out to investigate.
One particularly lame "big" cable ISP here used to require you to register a MAC address with them, one MAC address only. Big <> Clever :roll:
But that could easily be for different reasons than you think. It could be the modem, it could be for administrative purposes. They obviously knew that people could just get a router and overcome this. It might even be a requirement of the software in the cable modems or a an attempt to control DHCP access. DHCP is extremely vulnerable to DoS or dysfunctional software.
Move along. Nothing to see here.
 
dot-bot
Member Candidate
Member Candidate
Posts: 164
Joined: Tue Oct 11, 2005 7:05 pm

Sun Mar 05, 2006 9:52 pm

But sharing an internet conenction shouldn't be prohibited. Does your water supplier company tell you: you shouldnt let your friends drink your water. You should't water the garden Outside your home, only if it's inside. That's lame. :lol:
No, but my water company does say that I cannot run a pipe to my neighbour's house so that they do not have to pay their water bill.
....
My example is not universal sorry. Not very right too.

The biggest telecom here - for normal internet service, just does not help the user share his connection and does not care what happenes after their modem. But will help the user if the user pays for that kind of service where it sais it's for multiple computers. How about that? It's cool IMO. We respect them for this.

If an ISP limits connection sharing or in some other way their connection is less than it should be, automatically they become hated and people want to do them harm.

Hey, don't piss off the customers right ? Keep'em happy.
 
Hellbound
Long time Member
Long time Member
Posts: 509
Joined: Tue Oct 26, 2004 11:21 am

Sun Mar 05, 2006 10:02 pm

But sharing an internet conenction shouldn't be prohibited. Does your water supplier company tell you: you shouldnt let your friends drink your water. You should't water the garden Outside your home, only if it's inside. That's lame. :lol:
No, but my water company does say that I cannot run a pipe to my neighbour's house so that they do not have to pay their water bill.
....
My example is not universal sorry. Not very right too.

The biggest telecom here - for normal internet service, just does not help the user share his connection and does not care what happenes after their modem. But will help the user if the user pays for that kind of service where it sais it's for multiple computers. How about that? It's cool IMO. We respect them for this.

If an ISP limits connection sharing or in some other way their connection is less than it should be, automatically they become hated and people want to do them harm.

Hey, don't piss off the customers right ? Keep'em happy.

I agree on part the dont piss customer off and I also believe that some customer trying to download the whole INTERNET so providing the dedicate bandwidth could cost more than 10 time compared to shared bandwidth and the customer is getting that space at one tenth of the price you must think lets block the sharing and blah blah... but querying is better option in my opinion...

what we have defined in our ISP is traffic-limited packages who will switch to unlimited package after for example 1 gigabytes of download... its exactly 10 dollar a month to get 4 MB connection for 1 gigabyte free
and for each extra 10MB customer download in addition we charge until he reaches 20 dollar and thats where he can have a option of 384 or even 512 (unlimited) bandwidth... this way we can maintain the same speed....

however you may go with flat rate of lets say 18 dollar for 1 or 2 mb of speed but in our way ppl who download more will pay more and ppl won't pay more unless they want more... its much better in speed and cost for ppl who doesn't want to download large files and just doing web browsing and email stuff or chatting and believe me its it doesn't matter if they share it within 100 pc or not ...
Last edited by Hellbound on Thu Mar 09, 2006 5:26 am, edited 1 time in total.
 
telephone29
just joined
Posts: 24
Joined: Wed Oct 12, 2005 8:57 pm

Mon Mar 06, 2006 8:44 am

connection sharing is quite often not allowed:

a) cable ISPs have legal conditions - on small cheap programs you can't share, on the most expensive ones you can. Many of them limit this possibility to one property as was said before = you can't legally share with your neighbor. They are loosing money (and we are ISPs = we are loosing money).

b) quite often we sell shared bandwidth : you pay for guaranteed 512/512 and get 1536/1536 as you belong to "three customer shared bandwidth". This way, sharing is definitely not wanted as one sharing customer can consume bandwidth for all three almost always and use his connection in a way it was not meant to be. This "shared bandwidth" is sold with intention to "give customers the possibility to use more bandwidth when needed" meaning several times a day when they want to quickly send/receive big files etc.

etc, etc.

okej, let's not discuss why should we detect sharing blablabla, but HOW TO DETECT SHARING. Somebody said that every Linux can "regenerate" TTL meaning that TTL will not be lowered and sharing will not be detected. Let me assure you nobody sharing his/her connection will think of this from the first moment on - and we are able to catch him. Also, many simple routers/proxies sold these days do not have the possibility of manipulating TTL.


Once again, don't discuss why sharing should be/shouldn't be. I am pretty much interested in HOW sharing could be detected in Mikrotik using TTL stuff. I didn't find anything like this in firewall, mangling etc.
 
User avatar
sten
Forum Veteran
Forum Veteran
Posts: 920
Joined: Tue Jun 01, 2004 12:10 pm

Mon Mar 06, 2006 11:55 am

okej, let's not discuss why should we detect sharing blablabla, but HOW TO DETECT SHARING. Somebody said that every Linux can "regenerate" TTL meaning that TTL will not be lowered and sharing will not be detected. Let me assure you nobody sharing his/her connection will think of this from the first moment on - and we are able to catch him. Also, many simple routers/proxies sold these days do not have the possibility of manipulating TTL.

Once again, don't discuss why sharing should be/shouldn't be. I am pretty much interested in HOW sharing could be detected in Mikrotik using TTL stuff. I didn't find anything like this in firewall, mangling etc.
Your "business" plans are your "business" plans.

Regarding the technical standpoint: You can't do this without also having _alot_ of false positives. You won't get <<proof>> of them doing that. But you might get a hint in some of the cases. Many cheap broadband firewalls automatically do TTL adjustment to compensate for win95/win98/winme, which would have been your only real point of detection. This also causes them to be looptraps, but hey, they're cheap firewalls often made by people who actually do not build networks! :)
Move along. Nothing to see here.
 
wildbill442
Forum Guru
Forum Guru
Posts: 1050
Joined: Wed Dec 08, 2004 7:29 am
Location: Sacramento, CA

Mon Mar 06, 2006 6:26 pm

One solution to this is to bill the user based on usage and not give them unlimited transfer. This puts the onus on the user to secure their local network or face paying for those rogue users who are leeching bandwidth.

It would also mitigate problems with virus and worm traffic, as users would now be paying for the traffic their machines generate it might make them more likely to keep their virus definitions up to date.

Anyway that's just my 2 cents.
 
simonkizi
newbie
Posts: 45
Joined: Mon Jan 30, 2006 10:38 pm

Thu Mar 09, 2006 1:07 am

Nice one indeed, specially with neither solution nor suggestion!!!

What's your POINT????

How do you solve???

Reset your units when they hang????

Rather one client drop than many!!!

Just think of this:
I have recieved denial of service attacks even on port 53 ie DNS
How do you solve that except by limiting the number of connections?? Block it???? I don't think so!!! Leave the attack till it stops????

Anyway, no offense intended.

Cheers.
 
User avatar
jager
Trainer
Trainer
Posts: 296
Joined: Mon Oct 31, 2005 2:44 am
Location: Sierra Leone
Contact:

Thu Mar 09, 2006 1:55 am

One solution to this is to bill the user based on usage and not give them unlimited transfer.
This is right what we are doing. Users have to "prepay" the wished ammount of data to download. We DO NOT charge for upload. It is free at all, to allow users to use P2P software. 0.5% user DO upload much, much more that they download, but hey.... overall bandwidth consumption is always much higher id download than upload. So, who cares...
We also have "real unlimited" monthly packages, but they are pretty highly priced, and only heavy 24h downloaders have the calculation to pay for it.
On this way, ppl who use internet only for surf/email/chat do not have to pay more thay they really use. At the other hand, we do not have to care about who is sharing his connection, and who is not.
Plus, 2 or more neighbours in the same building can share the cost of wifi equipment used to connect to our network, share it with switch and connect simultaneously with different PPPoE connections. Everybodys connection is accounted separately, and PAYED separately.
So, the point is not to limit users from sharing their connection. I hardly imagine that it is even possible. The router has no clue what is going on behind the PC that is connected to your network. The point is to change your business plan :)
 
fivenetwork
newbie
Posts: 45
Joined: Thu Jul 08, 2004 4:39 am

Thu Mar 09, 2006 4:30 am

My 2 Bits ....

Attack this issue from all sides so that we have a acceptable situation until a better solution comes on ... :D

1: Limit number of connections ..
Has the pleasant effect of auto-governing p2p. But the optimal limit will have to found that works for each bandwidth plan subscribed to. So methinks we will have to have different limits for different bandwidth packages.
Can we supply this too as a RADIUS attribute at the time of authentication? If possible then we can continue to think on these lines else IMHO we are barking up the wrong tree.

2. Shift responsibility onto USER.
Ideal solutionas we indirectly/directly help create a responsible,educated user. Bwahahahahahahahahahahaha. Sorry the thought of a responsible,educated user just made me realise that then I would be out of a job!

Seriously ... what we have done is for users demanding unlimited usage ... we have created special packs. The daytime usage is restricted to X MB and their night usage is unrestrcited. This works bigtime. :D

Thats it from me now.
 
telephone29
just joined
Posts: 24
Joined: Wed Oct 12, 2005 8:57 pm

Thu Mar 09, 2006 9:53 am

I feel you are not based on competitive markets - in my country, nobody would even think about placing download/upload ratios, prepaid VOLUME of megabytes/gigabytes etc. Company like this would not exist for two months here.

so, I decided to abandon following this thread with "no solution is and will be here". BTW, what we did is we are going to sniffer traffic for some minutes at random intervals throughout a day, save it to file and inspect this file with automated tools. In twenty minutes, we are able to find out standard values for TTL coming from Windows and he are just trying to watch values different than this values. Bit of manual work is involved.
 
User avatar
sten
Forum Veteran
Forum Veteran
Posts: 920
Joined: Tue Jun 01, 2004 12:10 pm

Thu Mar 09, 2006 1:27 pm

I feel you are not based on competitive markets - in my country, nobody would even think about placing download/upload ratios, prepaid VOLUME of megabytes/gigabytes etc. Company like this would not exist for two months here.

so, I decided to abandon following this thread with "no solution is and will be here". BTW, what we did is we are going to sniffer traffic for some minutes at random intervals throughout a day, save it to file and inspect this file with automated tools. In twenty minutes, we are able to find out standard values for TTL coming from Windows and he are just trying to watch values different than this values. Bit of manual work is involved.
So what about mac (osx and pre osx), linux, openbsd, netbsd, ancient windows versions?
Move along. Nothing to see here.

Who is online

Users browsing this forum: Bing [Bot], ctmkuk, CZFan, garofaloandres and 103 guests