From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <775b8d190704030041p5d02196bnbcfb7cbfe5fe8953@mail.gmail.com>
Date: Tue,  3 Apr 2007 17:41:26 +1000
From: "Bruce Ellis" <bruce.ellis@gmail.com>
To: "Fans of the OS Plan 9 from Bell Labs" <9fans@cse.psu.edu>
Subject: Re: [9fans] IP geolocation bug
In-Reply-To: <27B24027-7E3A-4C6C-89B0-D190E0C58D11@orthanc.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <f59c54190704022047u6367a60q4adf20c7cbbc0f82@mail.gmail.com>
	<ee9e417a0704022100q7cf8e280ufbd49341852f29f@mail.gmail.com>
	<C8020876-0474-4910-B9B6-B7AA66BA7601@orthanc.ca>
	<775b8d190704022329x6d893632i207fb904946a2609@mail.gmail.com>
	<27B24027-7E3A-4C6C-89B0-D190E0C58D11@orthanc.ca>
Topicbox-Message-UUID: 3c975240-ead2-11e9-9d60-3106f5b1d025

it scrounges around, as would the author, and makes a good guess.
the ozinferno http service uses the algorithm.  it blocks kansas
(only kidding).

brucee

On 4/3/07, Lyndon Nerenberg <lyndon@orthanc.ca> wrote:
>
> On Apr 2, 2007, at 11:29 PM, Bruce Ellis wrote:
>
> > the code is very cool.  presto wrote it.  not sure if it's public
> > tho i have a limbo version.
>
> I guess I'm more curious about how to validate the database of source
> IP addresses in the face of tunneling.  The Nanog crowd simply foams
> at the mouth when this subject comes up.
>
> Has someone come up with a way to characterize packet flows through
> tunnels in a way that makes it possible to fingerprint the origin?
> That can fingerprint the client on the far end of Tor a pipe?
>
> --lyndon
>