Shoutbox

quote:

---

Originally posted by andrewdodd13
It should work.

Be very careful though, universities (if this is in halls) are usually very strict in saying that you're are explicitly not allowed to do this. And I know at my uni they have pretty good ways of insta-banning your room's account automatically.

---

then just connect the university connection to the wan port of the router and register the router's mac address on the university's network - as far as they will then be able to see you have one machine connected and they don't need to know what's going on behind the router (and they won't, unless they do some lame packet inspection but even then they'd need to be specifically looking for the signs of nat)

don't let your flatmates use your connection over wireless unless it's a shared one already, because you'll quickly find it's you who gets blamed and disconnected if someone else breaches the tos.

you also don't need the "repeating" functionality of dd-wrt; that's something else. all you need is the router itself to have an ip, dhcp enabled (you'll want that), the wireless configured properly and secured, and for it to be connected to the university network in some way or another.

I still recommend dd-wrt anyway, as it's a very nice router firmware alternative providing your device supports it.

quote:

---

Originally posted by segosa

quote:

---

Originally posted by andrewdodd13
It should work.

Be very careful though, universities (if this is in halls) are usually very strict in saying that you're are explicitly not allowed to do this. And I know at my uni they have pretty good ways of insta-banning your room's account automatically.

---

then just connect the university connection to the wan port of the router and register the router's mac address on the university's network - as far as they will then be able to see you have one machine connected and they don't need to know what's going on behind the router (and they won't, unless they do some lame packet inspection but even then they'd need to be specifically looking for the signs of nat)

---

Generally this is what they do. I was told that a masters student came up with some piece of software which inspects the header of a random packet from each room every now and then and checks if it's using IP Masquerading.

quote:

---

Originally posted by segosa
then just connect the university connection to the wan port of the router and register the router's mac address on the university's network - as far as they will then be able to see you have one machine connected and they don't need to know what's going on behind the router (and they won't, unless they do some lame packet inspection but even then they'd need to be specifically looking for the signs of nat)

---

That might not work, at my university they use 802.X for authentication and I think dd-wrt support this, but I don't think standard firmwares do. So then you'd need to use repeater mode as then authentication is handled at the devices again and not the router. Also using NAT will cause all the problems that NAT has and repeater will avoid these.

quote:

---

Originally posted by andrewdodd13

quote:

---

Originally posted by segosa

quote:

---

Originally posted by andrewdodd13
It should work.

Be very careful though, universities (if this is in halls) are usually very strict in saying that you're are explicitly not allowed to do this. And I know at my uni they have pretty good ways of insta-banning your room's account automatically.

---

then just connect the university connection to the wan port of the router and register the router's mac address on the university's network - as far as they will then be able to see you have one machine connected and they don't need to know what's going on behind the router (and they won't, unless they do some lame packet inspection but even then they'd need to be specifically looking for the signs of nat)

---

Generally this is what they do. I was told that a masters student came up with some piece of software which inspects the header of a random packet from each room every now and then and checks if it's using IP Masquerading.

---

what? the router is the device that grabs an ip off the university's network and ip masquerading is exactly what makes nat possible - that is, as far as the university's end is concerned every packet coming from that room is coming from only one device (the router) with the source ip being the ip that the router has on the university network. ip masquerading is exactly what prevents detection, and i don't think there's anything in any packets that leave the room that would give it away.

quote:

---

Originally posted by Ezra

That might not work, at my university they use 802.X for authentication and I think dd-wrt support this, but I don't think standard firmwares do. So then you'd need to use repeater mode as then authentication is handled at the devices again and not the router. Also using NAT will cause all the problems that NAT has and repeater will avoid these.

---

are you talking about wireless? I was under the impression he had a wired connection to the university network, not a wireless one.

quote:

---

Originally posted by segosa
are you talking about wireless? I was under the impression he had a wired connection to the university network, not a wireless one.

---

802.1X works on wireless as well as wired connections. The port will be dead until the connection has been authenticated.

quote:

---

Originally posted by Ezra

quote:

---

Originally posted by segosa
are you talking about wireless? I was under the impression he had a wired connection to the university network, not a wireless one.

---

802.1X works on wireless as well as wired connections. The port will be dead until the connection has been authenticated.

---

oh I see. I wasn't aware universities used that for wired too. mine just uses mac address auth.

quote:

---

Originally posted by segosa

quote:

---

Originally posted by andrewdodd13

quote:

---

Originally posted by segosa

quote:

---

Originally posted by andrewdodd13
It should work.

Be very careful though, universities (if this is in halls) are usually very strict in saying that you're are explicitly not allowed to do this. And I know at my uni they have pretty good ways of insta-banning your room's account automatically.

---

then just connect the university connection to the wan port of the router and register the router's mac address on the university's network - as far as they will then be able to see you have one machine connected and they don't need to know what's going on behind the router (and they won't, unless they do some lame packet inspection but even then they'd need to be specifically looking for the signs of nat)

---

Generally this is what they do. I was told that a masters student came up with some piece of software which inspects the header of a random packet from each room every now and then and checks if it's using IP Masquerading.

---

what? the router is the device that grabs an ip off the university's network and ip masquerading is exactly what makes nat possible - that is, as far as the university's end is concerned every packet coming from that room is coming from only one device (the router) with the source ip being the ip that the router has on the university network. ip masquerading is exactly what prevents detection, and i don't think there's anything in any packets that leave the room that would give it away.

---

Well, I'm not too techy on the subject.

But if there was no identification at all, how the hell would the router know where to send the packets it receives?

quote:

---

Originally posted by andrewdodd13

quote:

---

Originally posted by segosa

quote:

---

Originally posted by andrewdodd13

quote:

---

Originally posted by segosa

quote:

---

Originally posted by andrewdodd13
It should work.

Be very careful though, universities (if this is in halls) are usually very strict in saying that you're are explicitly not allowed to do this. And I know at my uni they have pretty good ways of insta-banning your room's account automatically.

---

then just connect the university connection to the wan port of the router and register the router's mac address on the university's network - as far as they will then be able to see you have one machine connected and they don't need to know what's going on behind the router (and they won't, unless they do some lame packet inspection but even then they'd need to be specifically looking for the signs of nat)

---

Generally this is what they do. I was told that a masters student came up with some piece of software which inspects the header of a random packet from each room every now and then and checks if it's using IP Masquerading.

---

what? the router is the device that grabs an ip off the university's network and ip masquerading is exactly what makes nat possible - that is, as far as the university's end is concerned every packet coming from that room is coming from only one device (the router) with the source ip being the ip that the router has on the university network. ip masquerading is exactly what prevents detection, and i don't think there's anything in any packets that leave the room that would give it away.

---

Well, I'm not too techy on the subject.

But if there was no identification at all, how the hell would the router know where to send the packets it receives?

---

this is how nat works. the natting device doesn't know where to send initial incoming packets (for new connections), indeed, which is why port forwarding exists. outgoing packets seen by the router are recorded so that the packets that come back can be sent to the correct internal ip.

quote:

---

Originally posted by andrewdodd13
But if there was no identification at all, how the hell would the router know where to send the packets it receives?

---

ehm, you haven't noticed in the last decade that it's a pretty common problem that people behind routers can't set up servers because the routers don't know where to send the packets? that's what port forwarding is for...

quote:

---

Originally posted by ShawnZ

quote:

---

Originally posted by andrewdodd13
But if there was no identification at all, how the hell would the router know where to send the packets it receives?

---

ehm, you haven't noticed in the last decade that it's a pretty common problem that people behind routers can't set up servers because the routers don't know where to send the packets? that's what port forwarding is for...

---

Of course. But that's only because the listening server is behind the NAT. I just didn't realise that the router does some fancy stuff with ports for outgoing connections.

I asked them to explain it when I was there today, basically, they wouldn't tell me how they check, because they thought I was trying to find a way round it. Fun times.