I think the observed TTL 64 means the interceptor is on the same segment? (of co...

Jenda_ on Oct 21, 2023 | parent | context | favorite | on: Encrypted traffic interception on Hetzner and Lino...

I think the observed TTL 64 means the interceptor is on the same segment? (of course unless they have set it to e.g. 66 at the interceptor that is 2 hops away, but I guess if they were to mangle TTL, they would set it to the original value to avoid detection)