funchords Hello Premium, MVM join:2001-03-11 Washington, DC | reply to funchords
Re: Comcast is using Sandvine to manage P2P Connections
I found a patent application by Sandvine where they describe a proxy server between a network segment and the Internet.
Of extreme interest is the handling of the judgment of the Application Analysis device -- it is described on Page 19 of the PDF and shown on Page 4 of the PDF.
said by Sandvine Patent Application 20040006643-TCP proxy providing application layer modifications:
[0097] State machine 100 will on occasion need to generate segments, for example when:
• [0098] a) sending ACK segments to the sender to force the sender's rapid re-transmit algorithm to activate;
• [0099] b) sending ACK segments to the sender when entire segments are deleted by application layer analysis module 104; and
• [0100] c) sending RST segments in both directions when the flow is forcibly terminated by application layer analysis module 104.
[0101] This generation of segments is handled by segment generation module 106.
That describes exactly what I'm seeing!
The entire application makes great reading, but it's quite technical. It's literally a Master Class on how to successfully perform a man-in-the-middle attack -- not just using RST to tear down connections. It describes how to replace original data and forge the packets, checksums, fragmentation, ACKs, Sequence Numbers, et cetera to make the replacement undetectable by the two peers that are exchanging the data!
Attached is a PDF, with my comments on Pages 4 and 19 (I really had trouble with the images on the US Patent Office's site - click HERE), so I made the PDF.
 Sandvine Pat···6643.pdf 1055763 bytes Sandvine Patent Application 20040006643-TCP proxy providing application layer modifications
I'm feeling pretty vindicated right now. Someone in Comcast's PR department needs to get an education on what's really in their network!
-- Robb Topolski -= funchords.com =- Hillsboro, Oregon USA
Are you affected by Comcast's RST forging? How to test it! -or- Read my original report.
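An added example, not part of the post above or of Sandvine's patent application: one heuristic a peer can run over its own capture to spot RST segments generated in the path, like those from the segment generation module quoted above. It assumes a generated segment arrives with a different IP TTL than the real peer's traffic; the packet records, addresses, tolerance and function name are constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample: inbound TCP segments as seen at peer 192.0.2.10.
# Fields: (time_s, src, dst, tcp_flags, ip_ttl).
CAPTURE = [
    (0.00, "198.51.100.7", "192.0.2.10", "SA", 52),
    (0.05, "198.51.100.7", "192.0.2.10", "A", 52),
    (0.40, "198.51.100.7", "192.0.2.10", "PA", 52),
    (0.41, "198.51.100.7", "192.0.2.10", "R", 59),   # TTL jumps: suspect
    (1.00, "203.0.113.9", "192.0.2.10", "SA", 47),
    (1.10, "203.0.113.9", "192.0.2.10", "PA", 47),
    (1.90, "203.0.113.9", "192.0.2.10", "PA", 48),   # small jitter
    (2.00, "203.0.113.9", "192.0.2.10", "R", 47),    # consistent with peer
    (3.00, "198.51.100.44", "192.0.2.10", "R", 60),  # no history for this sender
]

def find_suspect_resets(capture, tolerance=1, min_samples=2):
    """Return RSTs whose TTL deviates from the sender's earlier segments.

    Assumption (not from the page): a segment generated mid-path travels
    a different number of hops than the real peer's traffic, so its TTL
    differs on arrival.
    """
    seen = defaultdict(Counter)  # (src, dst) -> TTL histogram of non-RST segments
    suspects = []
    for t, src, dst, flags, ttl in sorted(capture):
        key = (src, dst)
        if "R" not in flags:
            seen[key][ttl] += 1
            continue
        if sum(seen[key].values()) < min_samples:
            continue  # too little history to judge this RST
        baseline = seen[key].most_common(1)[0][0]
        if abs(ttl - baseline) > tolerance:
            suspects.append({"time": t, "src": src, "ttl": ttl, "baseline": baseline})
    return suspects

if __name__ == "__main__":
    for hit in find_suspect_resets(CAPTURE):
        print(hit)
```

A matching TTL does not prove a reset is genuine, and route changes can shift TTL mid-flow, so treat hits as leads to correlate with sequence numbers and timing.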
alucard_x join:2003-10-19 Philadelphia, PA
Interesting find... Perhaps we have enough pieces to figure out a solution.
EG The wings of love Premium join:2006-11-18 Union, NJ | reply to funchords
I have been following this thread from the beginning, and although I'm not affected by this (yet?), for what it is worth, I felt that I had to say that you have really done your homework, Mr. Funchords!
I have found this thread to be very interesting reading and I'm certain that you have opened many eyes and enlightened many readers, and for that you deserve an A+