 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Thu, Mar 31, 2011 at 10:56 PM, Richard Pieri <richard.pieri-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote: > On Mar 31, 2011, at 10:20 PM, Rich Braun wrote: >> >> IPv4 NAT makes such verification more or less impossible at the upstream ISP >> side. That's one thing I like about the status quo. > > This is a myth. ?It's quite possible and sometimes trivially easy for an ISP to determine if a customer has multiple devices behind NAT and to count how many are being used. ?A simple method is to look at the time stamps on every packet. ?Every OS has a known time stamp increment method. ?If you watch how the time stamps change then you can identify the operating system. ?If you see more than one OS then chances are that the customer has more than one running system behind NAT. ?Related, no two system clocks are precisely in sync, not even with NTP. ?If you see time stamps shift forward and backward in time then you have identified multiple nodes behind the NAT bridge. ?There are other ways; these just happen to be two of the easiest ones. Did you mean TCP sequence numbers? Otherwise, I'm not sure what you mean and would be interested in learning more. Thanks, Bill Bogstad
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
