Tuesday, March 08, 2005

Remote Physical Device Fingerprinting

Hat Tip: Schneier on Security.)

A team has come up with a way to identify devices that are hooked up to the net, even when they're behind firewalls and separated from the measuring devices by great distances and multiple hops. This technique can identify devices after they've been moved from one location to another.

Example applications include: computer forensics; tracking, with some probability, a physical device as it connects to the Internet from different public access points; counting the number of devices behind a NAT even when the devices use constant or random IP IDs; remotely probing a block of addresses to determine if the addresses correspond to virtual hosts, e.g., as part of a virtual honeynet; and unanonymizing anonymized network traces.

It's getting harder to stay get anonymous online.

No comments: