[ previous ] [ next ] [ threads ]
 From:  rgreiner <mrgreiner at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  IP violation
 Date:  Thu, 23 Oct 2008 14:25:33 -0200

I ran into a small IP problem.

I have a relatively large wireless network (simultaneous users ranging
from 50 to 380 during the day), all of them behind a monowall, using a
single external IP for NAT.

Now, today we received a complaint letter from the "Associação
Brasileira das Empresas de Software", the Brazilian organization that
handles copyright in software, saying that someone downloaded a game
through bittorrent, coming from that IP which is our external NAT
address for the wireless network. Now, what could I do try to identify
that user? What tools could I use (or implement for future occurrences)
to identify such users? 1-1 NAT is not possible, since we can't afford
400+ IP addresses for it.

Another problem is that bittorrent usually employs cryptography, making
it hard to identify that's being used at all, much less what exactly
someone is downloading.

Any ideas?

Thank you,


                Marcos Roberto Greiner

   Os otimistas acham que estamos no melhor dos mundos
    Os pessimistas tem medo de que isto seja verdade