I'm not sure how I got put into the position of defending their possible practices. I've already said that looking for NATs as a practice isn't a good idea. I suggest that people read the following (they seem to be cut-n-pasted from the @Home agreements, BTW): http://www.comcast.net/TermsofService/aup.asp Bandwidth, Data Storage and Other Limitations Users must ensure that their activity does not improperly restrict, inhibit, or degrade any other user's use of the Services, nor represent (in the sole judgment of Comcast High-Speed Internet Service) an unusually large burden on the network itself. [What's an "unusually large burden" (in Comcast's sole opinion)?] The Comcast High-Speed Internet Service residential service offering is a consumer product designed for your personal use of the Internet. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Violation of Acceptable Use Policy Comcast High-Speed Internet Service does not routinely monitor the activity of accounts for violation of this Policy. However, in our efforts to promote good citizenship within the Internet community, we will respond appropriately if we become aware of inappropriate use of our Services. http://www.comcast.net/TermsofService/subagree.asp 6. PROHIBITED USES OF THE SERVICE viii ... THE SERVICE IS TO BE USED SOLELY IN A PRIVATE RESIDENCE; LIVING QUARTERS IN A HOTEL, HOSPITAL, DORM, SORORITY OR FRATERNITY HOUSE, OR BOARDING HOUSE; OR THE RESIDENTIAL PORTION OF A PREMISES WHICH IS USED FOR BOTH BUSINESS AND RESIDENTIAL PURPOSES. [I'm in violation on that, since I have it feeding into my lab] THE SERVICE IS FOR PERSONAL AND NON-COMMERCIAL USE ONLY AND CUSTOMER AGREES NOT TO USE THE SERVICE FOR [...] ANY BUSINESS ENTERPRISE, OR AS AN END-POINT ON A NON-COMCAST LOCAL AREA NETWORK OR WIDE AREA NETWORK, OR IN CONJUNCTION WITH A VPN (VIRTUAL PRIVATE NETWORK) OR A VPN TUNNELING PROTOCOL; | "Steven J. Sobol" wrote: | > 2 x ssh = 2 tcp connections. So Steven would be in violation of that, unless he were using SSH to access a MUD. :p The point is that they do not want people using it for anything other than consumer-oriented Internet access. There are ways to cast a net and catch such fish. Yes, every system can be fooled, and every fool has a system. If you show up on their radar, chances are that they can still yank you for something else even if the first filter proves false. It's also interesting that NATs are not explicitly mentioned in either of the above specifications, and I saw no reference anywhere else on their web site (not that it matters; violation is within their discretion). http://www.comcastonline.com/FAQsList.asp?.=.&FAQCategoryID=2#15 Can I use the service on more than one computer? Yes, customers with home networks may order additional network addresses in order to connect several computers to the service through one cable modem. You must first subscribe to the basic Comcast High-Speed Internet Service. Once you become a subscriber, you can sign up for a second and third address. You will need to have access to network expertise because Comcast High-Speed Internet Service neither installs nor supports networks. The cost is $6.95 per month for each additional outlet. Customers can have two additional addresses, for a total of three. Comcast will install the network card and software on a second and third computer for a change of $49 for each computer. http://www.comcastonline.com/howmuch.asp?.=. additional IP addresses "$6.95 - 9.95/each" As far as I can tell, using a NAT is permitted. Running a server, staying connected to corporate mail systems 24x7, and doing other non-consumer stuff is still the only thing forbidden. -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/