tcpdump mailing list archives
Re: [Ext] Re: IP Address Anonymization Feature in tcpdump
From: Denis Ovsienko <denis () ovsienko info>
Date: Wed, 16 Oct 2024 19:55:41 +0100
On Fri, 27 Sep 2024 14:05:16 -0500 Nik Sultana via tcpdump-workers <tcpdump-workers () lists tcpdump org> wrote:
In the meantime, we wanted to share a 10-minute video prepared by Alberto to explain and demo this work: http://www.cs.iit.edu/~nsultana1/files/tcpdump-cryptopANT.mp4
Thank you for publishing the video. One of the interesting points is
showing that the anonymised and then deanonymised .pcap file is exactly
identical to the original .pcap file.
Another interesting point is that in the part that compares protocol
layers in the .pcap files side by side the MAC addresses remain intact
after the anonymisation. Arguably, a MAC address can be seen as a more
permanent piece of personal data compared to an IP address, and Ethernet
OUI is always 48 bit long, so MAC address mapping in principle does not
look more complicated than it is for IPv4 and IPv6. Is it just outside
of scope of the project, or there is a more fundamental reason why it
cannot be done?
--
Denis Ovsienko
_______________________________________________
tcpdump-workers mailing list -- tcpdump-workers () lists tcpdump org
To unsubscribe send an email to tcpdump-workers-leave () lists tcpdump org
%(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s
Current thread:
- Re: [Ext] Re: IP Address Anonymization Feature in tcpdump Denis Ovsienko (Oct 16)
- Re: [Ext] Re: IP Address Anonymization Feature in tcpdump Denis Ovsienko (Oct 16)
- Re: [Ext] Re: IP Address Anonymization Feature in tcpdump Alberto Perez Bogantes via tcpdump-workers (Nov 05)
- Re: [Ext] Re: IP Address Anonymization Feature in tcpdump Denis Ovsienko (Oct 16)