Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tracking a Specific Machine Anywhere On The Net

Posted by Zonk on from the not-the-sandra-bullock-movie dept.

An anonymous reader writes "An article on ZDNet Australia tells of a new technique developed at CAIDA that involves using the individual machine's clock skew to fingerprint it anywhere on the net." Possible uses of the technique include "tracking, with some probability, a physical device as it connects to the Internet from different access points, counting the number of devices behind a NAT even when the devices use constant or random IP identifications, remotely probing a block of addresses to determine if the addresses correspond to virtual hosts (for example, as part of a virtual honeynet), and unanonymising anonymised network traces."

3 of 470 comments (clear)

  1. Re:NAT by quelrods · · Score: 1, Troll

    Exactly! After the technique to use timestamps to count hosts behind nat OpenBSD added tcp options to the scrub directive. For all my isp knows I have a single box since I have the firewall generating strong ISN's as well as scrubbing timestamps.

    --
    :(){ :|:&};:
  2. Re:How about this though? by khrtt · · Score: 0, Troll

    ..slight variations in the timing of the clock at various points throughout the CPU..

    You are fucking kidding, right? He's referring to the real-time clock in your computer, not the delays inside the CPU.

  3. Re:Fingerprinting by pjt33 · · Score: 1, Troll
    A cron job to run an NTP update once an hour and viola, this technique is useless.
    Timeskew on a viola? Hope you don't play in an orchestra...