[NTLUG:Discuss] [sb1116] ALERT: Texas "super DMCA" movingthrough the legislature]
severian@pobox.com
severian at pobox.com
Fri May 23 23:29:31 CDT 2003
Howdy,
You have got at least part of it. I bet somebody will fix the packet
filter software in Linux to obfuscate this information before
long. OpenBSD's packet filter already has an option to randomize these
packets before sending them to the outside world and thus be invulnerable
to detection as to how many machines are being routed. After the
publicity, someone is bound to be porting that code, don't you think. If
you want to read more, go to:
http://yro.slashdot.org/article.pl?sid=03/04/24/0119209&mode=thread&tid=158&tid=193
http://www.sflow.org/detectNAT/
Good luck,
Ralph
In response to the welcome remarks of Rusty Haddock at 10:37 AM 5/23/03 -0500:
>data flowing from a particular physical connection and check out the
>IP sequence numbers. If you start sucking down FTP packets from one
>host and then have a telnet connection going to another, the sequence
>numbers will be different unless they are from the same machine. Even
>if the sequence numbers are close together, numerically, the IP stacks
>on those machine would need to be synchronized to avoid this type of
>detection.
More information about the Discuss
mailing list