On 04/21/2012 08:41 PM, Pascal wrote: > MAC addresses are used by layer 2 protocols (see > https://en.wikipedia.org/wiki/OSI_model ). Once an IP packet traverses a > layer > 3 device (such as a router) the srcMac has been changed to that of the > router's > egress interface. Unless your ISP provided your router, srcMac identifies > only > which router the packet came from, not the particular client. > > Decent routers randomize source ports to prevent traffic correlation (makes it > harder to confirm that two streams from the same router came from the same > client).
Well, yes. That's exactly the point why they want to store (srcPort, srcIP) <-> srcMac mapping so that they can identify people with private IPs hidden behind NAT. Ondrej _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
