MagnusTheRed90 Posted February 8, 2020 Share Posted February 8, 2020 Is it possible to statistically or via some algorithm to see through NAT on a router on the internet. I don't necessarily want to preform anything, I simply want to know. This is curiosity. Link to comment Share on other sites More sharing options...
digininja Posted February 8, 2020 Share Posted February 8, 2020 In what way see through it? Link to comment Share on other sites More sharing options...
MagnusTheRed90 Posted February 9, 2020 Author Share Posted February 9, 2020 I was wondering if from the outside the ISP could readily determine what individual computers on the other side of the router would be doing, example http browsing, while simultaneously accounting for the new Session Ids of the NAT table. They rotate or something. I was wondering if it was possible to see through the NAT configurations. Link to comment Share on other sites More sharing options...
digininja Posted February 9, 2020 Share Posted February 9, 2020 If you can see all the network traffic coming out of the router, then you might be able to fingerprint distinct devices based on profiling the network traffic, see p0f for examples of how that works. You could then tie that to the protocols in use, for example you could identify a Linux and a Windows box and see the Linux box doing sporadic HTTP/HTTPS traffic while the Windows box is talking VOIP. From that you could say roughly what was going on. But you can't see through a router, you can only see what is coming out of it. Link to comment Share on other sites More sharing options...
MagnusTheRed90 Posted February 10, 2020 Author Share Posted February 10, 2020 Would social media identifiers be transmitted via url? From what I understand DNS is not encrypted right? Link to comment Share on other sites More sharing options...
digininja Posted February 10, 2020 Share Posted February 10, 2020 Traditional DNS isn't but the newer DoH is. What do you mean by identifiers? What is your ultimate question? You seem to be aiming towards something. Link to comment Share on other sites More sharing options...
MagnusTheRed90 Posted February 10, 2020 Author Share Posted February 10, 2020 Question is simply about Network Allocation Tables. Not really aiming at much. Short story I may have seen a trick that I don't know how to quantify, but I could be barking up the wrong tree however. Perhaps you should tell me what kinds of information p0f can tell you. Can it narrow it down to operating system and machine build? Link to comment Share on other sites More sharing options...
digininja Posted February 10, 2020 Share Posted February 10, 2020 Explain the trick and why not see if we can quantify it for you. And rather than asking me to explain p0f, why don't you do some research and find out for yourself what it can do. Link to comment Share on other sites More sharing options...
MagnusTheRed90 Posted February 12, 2020 Author Share Posted February 12, 2020 I am sorry. I will research p0f. The trick is simply that I got the impression that people knew more about where I was browsing than they should in public places. Things like what I had ordered in my previous shopping cart. The computers have been rebuilt a few times. I lived in my parents house with several other people, so they should have not been able to differentiate between a sys-admin's traffic and a software developers. Link to comment Share on other sites More sharing options...
digininja Posted February 12, 2020 Share Posted February 12, 2020 It is highly unlikely your friends are going to be able to sit upstream of your router and sniff traffic, if they could do that, then your ISP would be in a lot of trouble. As long as you are browsing your shopping sites over HTTPS, then even if they could sniff the traffic, all they would see is encrypted data which they wouldn't be able to decrypt Not sure what the comment about sys admin vs developers traffic has to do with anything, and if you are worried about your router, what does browsing in a public place have to do with it? Link to comment Share on other sites More sharing options...
MagnusTheRed90 Posted February 12, 2020 Author Share Posted February 12, 2020 Well, thanks anyway digininja. There probably has to be some other explanation to what was happening. I'm not trying to be creepy or anything. I typically would not be on a hacker site. Link to comment Share on other sites More sharing options...
digininja Posted February 12, 2020 Share Posted February 12, 2020 There usually is. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.