[SunRescue] Re: Help!
Joshua D. Boyd
rescue at sunhelp.org
Fri Apr 20 10:17:24 CDT 2001
No, I mean they run AOL's BYOS. Currently, it is working just hapilly
over Windows 98's Internet Connection sharing. Of course, we can't have
both people connect at once, but that was the case even if both people
were using phonelines and modems. So, I know if ICS can do it, then it is
possible. It could be apain to configure IPMasq or other NAT system to
work though. I keep hoping they will come to their senses and dump AOL.
On Fri, 20 Apr 2001, Chris Byrne wrote:
> When you say "Two of them run AOL" what do you mean? If you mean using AIM
> than you should have no problem, but if you are using AOL's BYOS (bring your
> own service) option you might.
> The BYOS servers are non stateful proxies from the internet to AOLNet, and
> they are geographically distributed and load balanced across AOL's major
> nodes. If a user with BYOS logs in, that users session is then associated
> with the IP address of the login session.
> In earlier versions of AOL the 'real' ip address of the system is
> transmitted as part of the login, and if it doesn't match the source IP
> address you may not be allowed to login. In more recent versions I don't
> think they do this. It was VERY irritating when I was doing tech support for
> an ISP however.
> As of early last year (the last time I had to deal with this issue thank
> god) if two persons appearing under the same IP address attempted to login,
> one of them would either not be allowed to login, or the currently logged in
> user would have their session silently drop. After quite a bit of testing we
> couldn't figure out what specific conditions might cause which response. It
> was clear however that if the users logins were directed to different
> servers that there was no problem. We tested this from several widely
> seperated geographic locations, and did some simple sniffer work.
> We also observed that two sessions on different systems could not be
> established with the same user credentials if they were directed to the same
> server. As in the previous example, either the second user would be unable
> to log in, or the first user would have their session silently terminate.
> Again if the login servers were different it was possible to authenticate
> and establish communications from two different locations using the same
> authentication information, however after a few minutes (or even seconds)
> one of the sessions would be dropped. Also in this instance we could not
> determine what factors affected the behavior of the drop (i.e. who was
> dropped and when)
> Overall I'd say using full AOL with PAT (port address translation, how most
> firewalls do address trnaslatios) is a bad idea, but test it and see if it
> works for you.
> Chris Byrne
More information about the rescue