Tuesday, March 08, 2005

Stop Hiding Behind That Firewall

Firewalls are good at keeping people out, but they also protect your anonymity: to the outside, everyone on the inside looks like the same person. With Network Address Translation, everyone inside the firewall has the same IP and is therefore indistinguishable from everyone else. Well, not anymore. One clever researcher has discovered a way of spotting individual machines that is so simple that once you've heard it, you can't believe it hasn't been done before. Of course, this would be of benefit to law enforcement agencies for tracking criminals who hide behind the now defunct security measures.

Basically, each packet sent out contains timestamp information, and this differs slightly from machine to machine. This is due to varying lag on each computer, making some clocks noticeably behind or ahead of others. By tracking these differences you can tell which computer a packet came from.

One way around this that I see is the use of software that automatically synchronises the clock times of each computer, or that varies each slightly at random points to cause confusion. Although the second plan would screw up all sorts of things.
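The timestamp tracking described above can be sketched as follows. This is an added example, not code from the post or from the research it mentions. It assumes the "timestamp information" is the TCP timestamp option value (TSval), that the sender ticks at 1000 Hz, and it uses a plain least-squares fit as the estimator; the flows and their values are constructed.

```python
from statistics import mean

WRAP = 2 ** 32  # TSval is a 32-bit counter and wraps

def skew_ppm(samples, hz=1000):
    """Estimate sender clock skew (ppm) from (recv_time_s, tsval) pairs.

    hz is the sender's assumed timestamp tick rate.
    """
    t0, v0 = samples[0]
    xs = [t - t0 for t, _ in samples]
    # Sender-elapsed minus observer-elapsed time; modulo handles wraparound.
    ys = [((v - v0) % WRAP) / hz - x for (_, v), x in zip(samples, xs)]
    mx, my = mean(xs), mean(ys)
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    return sxy / sxx * 1e6  # slope of the drift line, in parts per million

def group_by_skew(flows, tol_ppm=5.0):
    """Cluster flows whose skew estimates lie within tol_ppm of a neighbour."""
    groups, last = [], None
    for ppm, fid in sorted((skew_ppm(s), fid) for fid, s in flows.items()):
        if last is not None and ppm - last <= tol_ppm:
            groups[-1].append(fid)
        else:
            groups.append([fid])
        last = ppm
    return groups

def make_flow(true_ppm, start_tsval, phase, n=60, step=10.0, hz=1000):
    """Constructed capture: one packet every `step` s, 0-4 ms delay jitter."""
    out = []
    for i in range(n):
        sent = i * step
        delay = ((i * 7 + phase) % 5) / 1000.0
        ticks = int(sent * (1 + true_ppm * 1e-6) * hz)
        out.append((sent + delay, (start_tsval + ticks) % WRAP))
    return out

# Constructed data: four flows seen from one NAT address.
# A and B are generated with the same clock, i.e. the same machine.
FLOWS = {
    "A": make_flow(50.0, 1_000_000, 0),
    "B": make_flow(50.0, WRAP - 200_000, 3),  # counter wraps mid-capture
    "C": make_flow(-30.0, 77_000_000, 1),
    "D": make_flow(12.0, 5_000, 2),
}

if __name__ == "__main__":
    for g in group_by_skew(FLOWS):
        print(g, [round(skew_ppm(FLOWS[f]), 1) for f in g])
```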


