lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Tue, 22 May 2012 19:53:43 +0200
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Vijay Subramanian <subramanian.vijay@...il.com>
Cc:	Miklos Szeredi <miklos@...redi.hu>, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: tcp timestamp issues with google servers

On Tue, 2012-05-22 at 10:38 -0700, Vijay Subramanian wrote:
> >> Maybe tcptraceroute[1] can help you figure this out.
> >>
> >> [1] http://michael.toren.net/code/tcptraceroute/
> >
> >
> > The transparent proxy can intercept TCP connections to port 80/443, and
> > let ICMP being NATed by the box.
> 
> Just to be clear..tcptraceroute uses TCP SYN packets to trace the
> route instead of using ICMP packets used by vanilla traceroute
> precisely because
> of the issue you raised.
> The idea is that if the connection is getting terminated at a
> middlebox, the trace will end there. Otherwise, the trace route will
> end
> at destination (google in this case). This avoids the problems of ICMP
> and TCP flows being treated differently by the middlebox.
> Is this approach workable?

Yes probably, thanks for detailed description (I indeed thought it was
traceroute)



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists