|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: NATting a whole country?
On Wed, 3 Jan 2007, Steven M. Bellovin wrote: > > According to > http://www.nytimes.com/aponline/technology/AP-TechBit-Wikipedia-Block.html > all of Qatar appears on the net as a single IP address. I don't know > if it's NAT or a proxy that you need to use to get out to the world, > but whatever the exact cause, it had a predictable consequence -- the > entire country was barred from editing Wikipedia, due to abuse by > (presumably) a few people. Half related, the amazing Steven Murdoch did some traffic analysis on a similar issue, trying to detect machines behind the annonyzing Tor network. "By requesting timestamps from a computer, a remote adversary can find out the precise speed of its system clock. As each clock crystal is slightly different, and varies with temperature, this can act as a fingerprint of the computer and its location." ftp://ftp.fortunaty.net/video/23c3/wmv/timeskew2-t2s1.wmv http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html Anyone remember CAIDA's study on the crystals for detecting machines through NATs? http://www.caida.org/publications/papers/2005/fingerprinting/KohnoBroidoClaffy05-devicefingerprinting.pdf Another good lecture on traffic analysis at CCC, which was an introduction by George Danezis: http://events.ccc.de/congress/2006/Fahrplan/attachments/1185-DanezisTAIntro.pdf Gadi.
|