|Identifying PCs behind firewalls using fingerprinting|
|Posted by: AceBHound on Mar 7th, 2005 8:10 PM|
A University of California researcher says he has found a way to identify computer hardware remotely, a technique that could potentially unmask anonymous Web surfers by bypassing some common security techniques.
The process actually involves exploiting TCP timestamps which are part of RFC 1323. Information contained in the TCP headers can be used to measure a device's clock skew and help identify which device sent the TCP packet. This would theoretically allow a device to be identified even when used on different networks or behind firewalls. Can anyone say CSI: The Net?