Lähettäjä: Murdoch, Steven Päiväys: Vastaanottaja: tor-talk@lists.torproject.org, Patrick Schleizer Kopio: The Tails public development discussion list, Whonix-devel Aihe: Re: [Tails-dev] [tor-talk] Can TCP Sequence Numbers leak System
Clock?
On 25 Jul 2015, at 17:49, Patrick Schleizer <patrick-mailinglists@???> wrote: > On the other hand, I've read the claim "The kernel embeds the system
> time in microseconds in TCP connections.", but I haven't found the code
> in question to confirm, that this is so. Any idea?
In particular the seq_scale(u32 seq) function introduces the timestamp.
So if you see two initial sequence numbers for TCP streams between the same source/destination port/IP then you can work out the time difference (in units of 64 ns) according to the clock of the other end point.