[opendtv] Re: IP vs. MAC addresses (was: Twang's Tuesday Tribune)
- From: "Kon Wilms" <kon@xxxxxxxxxxxxxxxx>
- To: opendtv@xxxxxxxxxxxxx
- Date: Mon, 10 May 2004 17:12:05 -0400
Big brother already has access to all these locations, or can derive
approximate locations. IP geo-tracking is nothing new, and security
firms tracking hackers (and vice versa) use it as a standard part of
their toolset.
In the most simplest implementation, you do a simple traceroute to the
user (victim?)'s ip address, gather the router node names along the
way, and bounce them against regex expressions to derive their state or
locale. Deriving the user's approximate location based on the last
router hop is done by tracerouting/pinging his location from multiple
networks, averaging the time in ms to reach the endpoint, and then
deriving a possible radius in which he is located. At this point you
can do a fingerprint scan on his PC and derive OS/Firewall/etc. Voila,
you're done. Allow social engineering or law enforcement (or black hat
or white hat methods) to take the next steps.
Ofcourse more advanced systems have databases including names and
long/lat coordinates of all routers, POPs, segments, address groups
assigned to city blocks, etc.
Cheers
Kon
> Perhaps the best way to assign IP addresses then, would be to map
> them to physical locations. A device would then be addressed based on
> its nominal "at rest" location, which should be relatively unique (
> you might have a range of addresses for a "stacked" location like an
> office building). And when roaming the device could be assigned
> temporary location based IP addresses as it moves between WiFi points
> of presence.
>
> But if big brother could get access to all of this info...
>
> On second thought, maybe this is a bad idea.
----------------------------------------------------------------------
You can UNSUBSCRIBE from the OpenDTV list in two ways:
- Using the UNSUBSCRIBE command in your user configuration settings at
FreeLists.org
- By sending a message to: opendtv-request@xxxxxxxxxxxxx with the word
unsubscribe in the subject line.
Other related posts: