[tor-bugs] #7228 [Ooni]: Detect if the client is behind NAT
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Oct 26 22:57:05 UTC 2012
#7228: Detect if the client is behind NAT
-------------------------+--------------------------------------------------
Reporter: hellais | Owner: hellais
Type: enhancement | Status: new
Priority: minor | Milestone:
Component: Ooni | Version:
Keywords: oonib | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
In #6074 we thought that it would be nice to be able to detect if the
client running an OONI-probe test is behind NAT.
Doing some very summary research a possible approach is detailed in
RFC3947 (http://www.ietf.org/rfc/rfc3947.txt) section 3.2.
The idea is that the client and server send the packets they send and
receive. If there is a mismatch between these then somewhere along the
path either the DST/SRC ip:port pair has changed and then NAT is present.
This should be implemented in both the OONI client and the OONI backend.
A technique that does not require having a backend would be ideal.
Phrack #63 contains a technique for detecting NAT based on TCP timestamp
fingerprints: http://www.phrack.org/issues.html?id=3&issue=63
A tool that probably is not that relevant is masquet
http://toxygen.net/misc/. It detects devices that may be natted on the
local network based on the TTLs of packets and port numbers.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7228>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list