[e2e] Detecting middle boxes
Christian Huitema
huitema at windows.microsoft.com
Mon Feb 11 12:08:02 PST 2002
> I think my reply to David earlier was lost, but I like the idea of
> trying to find ways for the ends to detect middle boxes. One unoriginal
> idea might be to use traceroute style packets using common middle box
> altering packet types. So instead of the typical ICMP/UDP traceroute
> packets, use TCP port 25, 53 or 80 packets, increasing the TTL to map
> out the route.
A simple solution to detect a class of proxies is to have a cooperative
responder on the Internet, to try to connect using port 25, 53, 80,
etc., and to have the responder provide a response that returns the
characteristics of the connection. If you want to do this seriously, the
response should contain a hash of the incoming message (detect
tampering) + a copy of the incoming IP address and port (detect address
rewriting and port mapping); the response should be signed.
-- Christian Huitema
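
The responder check described in the message above, as an added example that is not part of the original post. The function names, the JSON report layout and the sample addresses are assumptions, and a pre-shared HMAC key stands in for the signature the message calls for.

```python
import hashlib
import hmac
import json

# Assumption: constructed demo key. HMAC is a stand-in for a real signature;
# a public responder would sign with a private key the client never holds.
KEY = b"constructed-demo-key"

def _mac(report: dict, key: bytes) -> str:
    body = json.dumps(report, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def responder_reply(payload: bytes, src_ip: str, src_port: int, key: bytes = KEY) -> dict:
    """Responder: report the connection as it arrived, then authenticate the report."""
    report = {
        "payload_sha256": hashlib.sha256(payload).hexdigest(),  # detect tampering
        "seen_ip": src_ip,                                      # detect address rewriting
        "seen_port": src_port,                                  # detect port mapping
    }
    return {"report": report, "mac": _mac(report, key)}

def client_check(sent: bytes, local_ip: str, local_port: int,
                 reply: dict, key: bytes = KEY) -> list:
    """Client: verify the report, then compare it with what was actually sent."""
    if not hmac.compare_digest(_mac(reply["report"], key), reply["mac"]):
        return ["response-not-authentic"]  # a middle box altered the reply itself
    r = reply["report"]
    findings = []
    if r["payload_sha256"] != hashlib.sha256(sent).hexdigest():
        findings.append("payload-modified")
    if r["seen_ip"] != local_ip:
        findings.append("address-rewritten")
    if r["seen_port"] != local_port:
        findings.append("port-remapped")
    return findings

# Constructed probe: a per-probe nonce keeps an old reply from matching a new probe.
PROBE = b"nonce=5f2a9c\r\nHELO probe.example\r\n"
```

An empty list from `client_check` means the responder saw exactly what the client sent, from the address and port the client used.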