Full Disclosure mailing list archives

Re: client - server

From: "Matteo Giannone" <rebonzo () libero it>
Date: Mon, 28 Feb 2005 17:59:33 +0100

I have made all tests on that website : none revealing informations that can
recognize me. I mean: if mozilla would send its SERIAL NUMBER (if it exsts) that
is a way to identify my own copy of mozilla.

which informations can a server get about a client running M$ windows XP ?
I cannot access a website because i have been "banned" and I'd like to
understand how they recognize me for sure.


All sorts of stuff. Visit browserspy (http://gemal.dk/browserspy/) for a 
bunch of tests. Java is one excellent way to steal the goods (and many 
browserspy tests use that).

The 'short' answer is, however, probably a simple IP check.


I mean:
- a simple ip check doesn't work with dynamic addresses...
- cookies can be deleted
- computer name can be changed
- mac address can be changed (even I wasn't able to, because I have a usb dsl
modem and I cannot change its MAC working with regedit or using tools like smac )


MAC address? That's not visible past the DSLAM. As for dynamic 
addresses, have you kept track? I have (supposed) dynamic addresses at 
home and it's not changed in over a year.

You should dump the DSL modem and get a conventional ethernet one. Then 
change the MAC on your ethernet card at will (this will get you new 
addresses). There probably is a way to access the innerds of the USB one 
but you'd probably have to take it apart and locate the serial port.

~Mike.


Anything else ?
How the hell do they recognize me ?

Matteo Giannone




____________________________________________________________
6X velocizzare la tua navigazione a 56k? 6X Web Accelerator di Libero!
Scaricalo su INTERNET GRATIS 6X http://www.libero.it



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html




____________________________________________________________
Navighi a 2 MEGA e i primi 3 mesi sono GRATIS. 
Scegli Libero Adsl Flat senza limiti su http://www.libero.it



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: client - server, (continued)
- - Re: client - server Gautam R. Singh (Feb 28)
- Re: client - server Michael Holstein (Feb 28)
  - Re: client - server Micheal Espinola Jr (Feb 28)
- Re: client - server Marcus Specht (Feb 28)
- RE: client - server Aditya Deshmukh (Mar 01)
  - RE: client - server fd (Mar 02)
- Re: client - server Matteo Giannone (Feb 28)
  - Re: client - server Michael Holstein (Feb 28)
  - Re: client - server Micheal Espinola Jr (Feb 28)
  - Re: client - server Gautam R. Singh (Mar 01)
- Re: client - server Matteo Giannone (Feb 28)