But, NAT does encapsulate the internal network IP of the requester into the packet headers. Caches of this information can exist. It can be separated out by people with the right type of knowledge.
Networking guy here. No, NAT doesn't normally contain the internal network address. It uses the source port to map back to the correct internal address for returning packets, using an internal lookup table/database. IE port 43562 maps to 192.168.0.5 at the moment. Port 58927 maps to 192.168.0.3. Etc...
There are some protocols that would capture and forward on the internal IP address, but they're not part of basic TCP/IP, or UDP/IP.
BTW, turn on your laptop, right click on the wireless NIC, go to properties. Hit the "configure" button. You can probably find MAC address imitation (or some other similar wording) in there.
Yep, and there are utilities if that doesn't work. I also haven't seen a home gateway without the ability to spoof MACs - too many ISPs attempt to lock accounts to the MAC, so in order to enable you to use the router, you have to be able to spoof the device's MAC.
ETA: Not that it's something that will help this guy. He's probably got the NSA on his *expletive deleted*ss right now. He'll get nailed for this, and for kiddie pr0n from 16 year old Czech girls or the like. He'll be gone for a long time.
I'm half convinced it's a fake.
