|
|
|
|
|
|
by jackdawjack
4091 days ago
|
|
|
I think this might be a daft question, but why can't they inject packets with a (roughly) appropriate TTL for the current sequence that they're hijacking? From the two examples shown one might think they're picking ttl's more randomly |
|
|
In case anyone is confused: we're now talking about the TTL of the packets coming from hijackers, whereas I was originally talking about the TTL of the packets going towards Baidu and the hijackers. The TTL the hijackers send won't affect the tracing method I was suggesting.