Can the ISP find out if you host a server?

[Sharks445]

I host a server on a windows 8.1 x64 machine, and am on a home internet connection. The ISP says in their terms that you are not allowed to host a server. This server is for mainly private and some public traffic, not a business or anything. Suppose everyone keeps quite about the whole thing and no one snitches to the ISP, can I continue to run this? Does the ISP periodically go around searching for servers, or is this just a loose, unenforced policy? How long can I keep doing this? Has anyone ever been caught? And what happens if you do?

 

[Darkbreeze]

Of course. Easily. If they're seeing incoming traffic through your IP address they can easily see what's going on. Traffic patterns, bandwidth usage, origin of IP and packet types can all tell an ISP what you're doing.

They don´t allow it, because they want you to pay for a business-grade connection, and also because there are technical reasons.

Of course there are some technical reasons, mainly related to the access technology. Major ISP are still offering services on xDSL or coax networks. These are by nature an asymmetric, shared medium.

The problem with hosting a service on a shared medium is that you could take over all of the available bandwidth of every other user who shares the same port on the equipment (DSLAM, CMTS, WiFi AP, or OLT´s on GPON). They do not have much control of it, and if they want to allow but control, that would generate a huge staff time and software programming demand.

Second, the asymmetry issue. This is more related to your server´s available quality of service. If you host a server, you´d naturally expect incoming connections that would consume your upload speed. If your upload speed sucks, so does your hosted service.
For example, if you were willing to host a Plex server for video streaming, a single HD stream would consume more than most of the available bandwidth connection provides.

It's also because an average residential user might not have the technical skills to keep a server properly configured and patched.

If running a DNS server, do you know to disallow open recursion? If running a mail server, do you know to disallow open relay? Have you configured your FTP to drop users into a chrooted environment? Is there a reasonably complex password on your SSH accounts?

For what the ISP is charging, they can't afford for support or abuse people to help you with all that stuff, especially once you're exploited, so it's easier just to block those ports. For a business customer, you're usually paying a higher monthly rate with a different support structure, so it becomes feasible.