(ADSL broadband is installed at home, and a router is used to connect adslmodem and two computers at home. I plan to use one computer to play online games, and the other computer to watch online movies and speculate in stocks for my parents. However, it was found that only one computer could access the Internet at the same time, while the other computer could not access the Internet. After inquiring, we learned that the local ADSL was not allowed to share the Internet, and the telecom operators used technical means to prevent it.
How can we remove the restrictions on sharing?
To break through the limitation of sharing, we must first understand how the other party blocks sharing, so that we can have a definite goal.
1、 Detect MAC address
Generally, we use the router to share ADSL to access the Internet in the NAT (address translation) mode. Through the adslmodem or router NAT function, we encapsulate a legal public IP address on the datagram sent by the original intranet computer, and use this IP address to access the Internet. The original MAC address (the MAC address is the physical address solidified in the EEPROM on the network chip, usually 48 bits) and the IP address are used as the source address, Nat forwards it to the designated intranet computer, and makes the public network unable to know the intranet. In principle, it is impossible to find how many computers are surfing the Internet by directly grabbing NAT converted packets at the ADSL outlet. How do telecom operators block this sharing method? It turns out that the other party will check whether the data packet with the same IP address contains multiple MAC addresses. If so, it will determine that the user shares the Internet.
Solution: modify the MAC address
The solution is to change the MAC address of each machine to the same one. First, get the MAC address of the machine. Right click "network neighborhood" and select "attribute", then right click "local connection", select "status", and click the "support" tab. The "actual address" displayed in the "details" tab is the MAC address of the local network chip (Figure 1). The next step is to modify the MAC address.
1. directly clone MAC address
Usually, the telecom operators bind the ADSL line with the MAC address of the user's network card by technical means, resulting in the inability to access the Internet after replacing the computer or router. However, most routers on the market now provide MAC address cloning (routers without this function in the early days can also be obtained by upgrading firmware), which can easily break through the sharing restrictions.
Open the web management interface of the router in the browser, find the "MAC address cloning" option, click "enable", then click "obtain the MAC address of the current PC" to obtain the bound MAC address (Figure 2), and save it.
2. manually set the MAC address of the network card
If there is no router, the network chips can only be changed to the same MAC address one by one. Right click "local connection" and select "properties", select "configuration" and "advanced" tabs in the "general" interface, find the "locally managed item" ("networkaddress" or "locallyadministeredaddress") item (Figure 3), and enter the bound MAC address on the right (12 numbers or letters should be entered consecutively, do not enter "-" in it), The settings will take effect after the system is restarted.
2、 Detect sharing via SNMP
The method of binding ADSL and MAC addresses is relatively simple and easy to be broken. Therefore, some telecom operators use more advanced detection methods. Some routers and adslmodem have built-in SNMP (Simple Network Management Protocol) services. The "161" port is used as the service port. The other party can use SNMP management software, such as activesnmp, to view the connection, so as to determine the number of computers sharing the Internet through the ADSL line.
Solution: disable SNMP
If there is an SNMP option in the web management interface of adslmodem, turn it off. If SNMP cannot be turned off on adslmodem, it doesn't matter. Turning off the SNMP service on the router also has the same effect. Generally, the SNMP option is in the "management" and "service" interfaces (Figure 4) (different products from different manufacturers have different option positions), and you can disable it.
3、 Using "star speed" as dialing software
Considering that ADSL users may use adslmodem and routers, telecom operators in some regions have launched a special dial-up Internet access software "star speed". At first glance, it is no different from other dialing software based on PPPoE protocol, but after you install this software, you will find that you can no longer use the router to share the Internet. What's wrong with "star speed"? It turns out that it has a built-in cryptographic protocol converter, which encrypts and converts the user's password first, and then connects to the telecommunications office equipment. This leads to the failure of the ordinary dialing program built in the router.
The "star speed" cipher converter uses the MD5 code for conversion, that is, it converts the user name into a string of MD5 codes and adds them to the end of the user's original password to form a real dial-up password. For example, the ADSL user name is "adsl334455667" and the password is "wxd123". After dialing with "star speed", your actual password has changed to "wxd123a83f01dcfcb804b". Here, "a83f01dcfcb804b" is converted from the user name. Because of this, the user enters the original password in the router for dialing, and of course, the user cannot pass the user name / password verification of ADSL.
Solution: dial with the converted password
Since "star speed" is the MD5 code used, we will "treat people in their own way" and use the MD5 code converter ourselves first (which can be found on the Internet). Run the converter, enter the user name, click "generate", and the MD5 code will be converted immediately. Add the MD5 code to the end of the original password to form a new password. Enter the password into the router, and now there is no problem dialing with the router.
4、 Identify sharing with "network elite"
After the "star speed" was criticized by users, telecom operators in some regions used a software called "network elite". The software kept scanning the number of ports opened by ADSL users. If it was more than the set value, it was judged as sharing. Sometimes even pressing the F5 key for several times would be misjudged as sharing. It also used unknown methods to detect shared information. Generally speaking, the "network pioneer" is still an immature software. Because it constantly scans the user port, it occupies the network bandwidth, affects the single user to surf the Internet, and causes the web browsing to be not smooth.
Solution: block "network elite"
1. increase the security level of firewall
This is a relatively simple method. If you install firewall software on all computers sharing the Internet and set the security level to the highest, it is possible to prevent "network elite" from scanning ports. However, after adopting this method, although the other party cannot find and share, it will also affect their normal Internet access.
2. use "shared Aegis"
"Sharing Aegis" is a software to crack broadband sharing restrictions. It is based on Windows underlying network driver, message camouflage and other technologies, and can break through the blockade very well. It is very easy to use, even for users who are not familiar with computers.
After installing "shared Aegis", the system should be restarted and then set. On the left side of the software interface is the function menu, and on the right side is the network broadband status, recording the total upstream and downstream traffic, upstream and downstream speed and other statuses in detail (Figure 5). First click the "break through sharing restrictions" option, select the network card connected to the external network in the "please select the network interface used to access the Internet" on the right, and then select the "power on automatic operation" to save the configuration (Figure 6).
In particular, it should be pointed out that the installation methods of "sharing Aegis" are also different according to the different ways users share the Internet. For the sharing mode using the broadband router, while turning off the SNMP protocol, each computer in the intranet must install and run the "shared Aegis" at the same time. For the sharing mode using the hos.t as the proxy server, as long as the "sharing Aegis" is installed in the computer other than the ho.st. For the sharing mode without a fixed ho.st as an agent, each computer should run "sharing Aegis".
Write at the end
Since the introduction of broadband network, the battle between network sharing technology and sharing restriction technology has never stopped. With the rapid development of network technology, these two technologies are like spears and shields. Neither side can completely overwhelm the other. However, this confrontation relationship has promoted the continuous development of network technology and culture.
The above solution requires users to choose to use it according to the local network environment and their own conditions. In addition, telecom operators in a few regions have adopted hardware level equipment for blocking. So far, there is no good solution. The competition between spear and shield continues... This data contains the following attachments:
shareshield. exe
Use the tutorial doc\....)
收藏
