start with basics:
- install
iperf
on every device you can between an external device and your internal host(s) and use it to find any bottlenecks - use tools like
tcpdump
to analyze packets flowing over the network. you can often find surprising results this way - start with a simple test best (again,
iperf
) with the most simple config (no nginx etc) and add the complexity of your config bit by bit until the issue returns
a surprisingly disappointing article from ars, i expect better from them.
the author appears to be confusing “relay attacks” with “cloning” and doesn’t really explain the flow of the attach that well.
really this just sounds like a complicated MitM attack, using the victim’s phone as the “middle” component between the victim’s physical card and the attacker’s rooted phone.
the whole “cloning the UID attack” at the end of the article is irrelevant, NFC payment cards don’t work like that.