(no title)
azim
|
15 years ago
It's unlikely AT&T is doing anything fancy at this point, but there's potentially much more to detection than TTL. NAT devices make an attempt to be transparent at layer 4 and try not to interfere with it. Host OS fingerprinting can rely on a combination of options at that layer as well including but not limited to windowing scaling MSS. If AT&T cared to go the distance, it would be very difficult to get around detection without interfering with the TCP/IP stack.
vetinari|15 years ago