Re: Hiding NATs with PF

From: jpd (read_the_sig_at_do.not.spam.it.invalid)
Date: 09/28/05 

Date: 28 Sep 2005 17:29:40 GMT

Begin <5dhlj1lh74hdtmkb5ekb2ncc9k498d47lh@4ax.com>
On 2005-09-28, Greg Hennessy <me@privacy.org> wrote:
> On 28 Sep 2005 07:53:23 -0700, "Max Bolingbroke"
><batterseapower@hotmail.com> wrote:
>>Well, the problem is that I am going to be connecting to a network
>>which has a strict limit of 1 IP address per person but also
>>inexplicably has a policy where you are not allowed to run your own
>>router. I'm trying to circumvent this restriction :). If you don't want
>>to help me given this, I would understand.
>
> How do they 'enforce' this policy exactly ? I've worked in environments
> with ridiculous policies because some clueless idiot copied something out
> of a textbook.

Not to mention the time it would take humans to go out and try and
detect this.

To the OP: Are there policies on using vmware or similar
multiple-os-per-machine constructs?

> Dictating the network architecture of an external 3rd party would fit the
> 'ridiculous' category.

Ah, but if the OP is on a campus or something, _his_ network may
very well be counted part of the network the policy is set for.

I know of such networks where there is a strict ``no nat'' policy
because they don't want to deal with abuse hidden by that and the
resulting expected gefingerpointing. I can't blame them for their
motives. 

-- 
  j p d (at) d s b (dot) t u d e l f t (dot) n l .

Relevant Pages

  • Re: Hiding NATs with PF
    ... >> with ridiculous policies because some clueless idiot copied something out ... >Not to mention the time it would take humans to go out and try and ... >very well be counted part of the network the policy is set for. ...
    (comp.unix.bsd.openbsd.misc)
  • Re: Hiding NATs with PF
    ... > What are you protecting yourself against exactly? ... the problem is that I am going to be connecting to a network ... which has a strict limit of 1 IP address per person but also ...
    (comp.unix.bsd.openbsd.misc)
  • Re: No Shut Down or Restart for Domain Admins
    ... run rsop.msc from your DC and check which policy is responsible to this. ... I have created a group policy in a development network and imported it ... NT AUTHORITY\Authenticated Users Read (from Security Filtering) No ... Enforce user logon restrictions Enabled ...
    (microsoft.public.windows.server.active_directory)
  • Re: EventID 1054 from Userenv for startup script
    ... So if you said "some machines don't have full access to the network ... at startup" the GPO's seems not to apply correct. ... startup script policy. ...
    (microsoft.public.windows.group_policy)
  • Re: COBOL is Number One
    ... used for policy discussions across companies and continents. ... The Network empowers this. ... about the users using spreadsheets but was more worried about the fact ... My point was that there is increasing computer literacy in the work ...
    (comp.lang.cobol)