Re: [Tails-dev] [tor-talk] Can TCP Sequence Numbers leak Sys…

Ce message fait partie du fil suivant :
M\Arborescence complète du fil triée par date
MMaka à <-
 
Supprimer ce message

Répondre à ce message
Auteur: Murdoch, Steven
Date:  
À: tor-talk@lists.torproject.org, Patrick Schleizer
CC: The Tails public development discussion list, Whonix-devel
Sujet: Re: [Tails-dev] [tor-talk] Can TCP Sequence Numbers leak System Clock?
On 25 Jul 2015, at 17:49, Patrick Schleizer <patrick-mailinglists@???> wrote:
> On the other hand, I've read the claim "The kernel embeds the system
> time in microseconds in TCP connections.", but I haven't found the code
> in question to confirm, that this is so. Any idea?

The code is here:
http://lxr.free-electrons.com/source/net/core/secure_seq.c

In particular the seq_scale(u32 seq) function introduces the timestamp.

So if you see two initial sequence numbers for TCP streams between the same source/destination port/IP then you can work out the time difference (in units of 64 ns) according to the clock of the other end point.

Best wishes,
Steven




Ce message a été envoyé sur les listes de diffusion suivantes :
tails-dev
Informations sur la liste de diffusion | Messages voisins		<-Re: [Tails-dev] Please update the status of your 1.5 ticketsRe: [Tails-dev] TAILS build system with Vagrant 1.7.3->
lists.autistici.org administré par postmasterLurker (version 2.3)