As far as I was able to find one defense against TCP/IP stack fingerprinting is blocking outgoing ICMP entirely and disabling replying to ICMP requests on the defensive host, but this could be somehow wrong since it's stated that just inspecting the initial TTL and window size fields could be enough.
Wonder what is a good way to disguise VPN usage (any VPN implementation) at OS level. On 6/16/2016 8:34 PM, Mirimir wrote: > On 06/16/2016 10:51 AM, s7r wrote: >> Hello grarpamp, mirmir >> >> Speaking of, there is this website: >> http://ipleak.com/ >> >> If you go to Proxy/VPN in the left menu it will show you some info >> related to vpn usage detected. >> >> In my latest firefox it says: >> >> First seen 2016/06/16 16:47:04 >> Last update 2016/06/16 16:47:04 >> Total flows 1 >> Detected OS Windows 7 or 8 >> HTTP software Firefox 10.x or newer (ID seems legit) >> MTU 1406 >> Network link OpenVPN TCP bs64 SHA1 lzo >> Language English >> Distance 11 >> >> >> Where I use exactly OpenVPN in TCP mode. In Tor Browser this is not >> detected. > > It won't work in Tor Browser using Tor, because Tor isn't just TCP/IP. > If you mangle Tor Browser to work without Tor, you'll see it. > >> I am not sure how reliable is this tool, but what's the trick in normal >> firefox to disable this so that networking info is not revealed any >> more? How is this information gather by this website? > > I'm not aware that it's blockable. It's not an HTML5 thing. Read up on > TCP/IP stack OS fingerprinting. > -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
