Systems behind routers tracable?

[mindpilot]

I think this sort of algo can be made inefficient if you configure well your router. Or maybe would it be interesting to create false "computers" connected playing with the parameters of the algorithm and creating false internal trafic in order to make some honeypots more attractive for crackers.

This is an interesting reply...Any idea on how to achieve this? Configuring your Router and/or creating the look of false internal traffic.

very curious...

[NeuTron]

<quote>I think this sort of algo can be made inefficient if you configure well your router. Or maybe would it be interesting to create false "computers" connected playing with the parameters of the algorithm and creating false internal trafic in order to make some honeypots more attractive for crackers. </quote>

Are you still plugged into the matrix?

[mindpilot]

Neutron.....who is the question directed at and can you elaborate?

[NeuTron]

Sorry......Just sounds like jargon and not reality.......

[mindpilot]

Thats what I am trying to uncover..heh!

[KissCool]

I have not studied the algorithm. But I think that if we understand it correctly, we should be able to find how it analyses the "gap" in sequences in order to determine the number of machines. So if we create false traffic (maybe with new network interfaces on servers and with specific scripts, the only target is to make variations in IPid's), we must be able to "create" false computers: computers that don't exist but which are detected by the algorithm.
If crackers scan your network with this method, they will view more computers. The major problem of honeypots is often to make the vunerable computer attractive and realistic without buying a lot of money. It could become a way to do so easily if this algorithm becomes popular and if somebody with a better knowledge than me create one or two scripts to create this false traffic. The secret is only in the datas given to the algorithm after all: change the datas, you will change the result.

KC

[mindpilot]

KC...that sounds Great in Theory...but I havent found much of anything to support any such progress toward such a project (via Google).

ps
If I'm not mistaking many routers already have software on board that doesn't need those numbers anymore to send the right packets to the right pc, so they replace it with something random. by neel

I would very much like some more info. on this quote by neel. If it is indeed true and which NAT routers may have this software.

Any help??

[KissCool]

that sounds Great in Theory

And, as you have noticed, it will remain only a theory until that someone made it. If it is really recent and if old algorithms of the same types were inefficients, it is normal that nobody searched such a thing. But if this algorithm becomes popular, don't worry, it will be done.

KC

[g00n]

well, where this algorithm comes into play really is when these new DMCA like laws get passed, and it's illegal to use a NAT device to share a connection, the ISP's and government agencies will use tools like this to determine who they need to harrass.

But I believe that a gateway, perhaps openbsd, doing nat adding randomness to the packet identifiers would cause problems, either flagging you instantly, or letting you slide through the cracks.. you would need to proxy everything inorder to go escape it, but even that would be detectible..

but with these laws in on the books, and people not liking it will cause kernel developers to come up with slick ways to stop the scans... just my thoughts

[mindpilot]

Ahh very true about DMVA laws. I guess my question would be that if a person is gonna get a NAT router for a SOHO w/<5 users they should get it NOW, are ther any with configuarable software that are in expensive??