dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1417
share rss forum feed


gatorkram
Need for Speed
Premium
join:2002-07-22
Winterville, NC
kudos:3
Reviews:
·Suddenlink

My ISP does it too...

I have used wireshark a few times to verify that my isp is also sending out the RST packets, blocking unencrypted upstream seeding.

What we need now, is an automated site and script, that people can submit their wireshark logs to, as proof, and to also filter out the normal stuff, and make a public log of the actual fake/forged packets.

It is my understanding, the way this system is working, it not only sends fake packets to people on the isp that is running this sandvine equipment, but it also sends fake packets to the other peers involved.

It seems to me, some of these other victims isps might want to know that forged and abusive packets are being sent to their end users...
--
Give me bandwidth or give me death!
»/testhistory/661871/4f240


Tsume
Premium
join:2004-02-23
Johnson City, TN
Reviews:
·Comcast
said by gatorkram:

I have used wireshark a few times to verify that my isp is also sending out the RST packets, blocking unencrypted upstream seeding.

What we need now, is an automated site and script, that people can submit their wireshark logs to, as proof, and to also filter out the normal stuff, and make a public log of the actual fake/forged packets.

It is my understanding, the way this system is working, it not only sends fake packets to people on the isp that is running this sandvine equipment, but it also sends fake packets to the other peers involved.

It seems to me, some of these other victims isps might want to know that forged and abusive packets are being sent to their end users...
I know for a fact that COX in Humboldt County, CA (Eureka/Goleta area) was doing this before they sold to Suddenlink, so it would be no surprise to me if other Suddenlink areas are doing the same.


jester121
Premium
join:2003-08-09
Lake Zurich, IL
reply to gatorkram
said by gatorkram:

It seems to me, some of these other victims isps might want to know that forged and abusive packets are being sent to their end users...
Abusive packets? Victim ISPs? Boy, you really know how to paint a word picture.

You do know that RST is a perfectly useful part of the TCPIP protocol suite, right? They don't cause shorts in cables or cause routers to crash or anything like that.


gatorkram
Need for Speed
Premium
join:2002-07-22
Winterville, NC
kudos:3
Reviews:
·Suddenlink
said by jester121:

said by gatorkram:

It seems to me, some of these other victims isps might want to know that forged and abusive packets are being sent to their end users...
Abusive packets? Victim ISPs? Boy, you really know how to paint a word picture.

You do know that RST is a perfectly useful part of the TCPIP protocol suite, right? They don't cause shorts in cables or cause routers to crash or anything like that.
Just because an RST packet is part of the normal operation of the tcp/ip protocol, doesn't mean unexpected or other abuse of the packet doesn't cause issues.

People used to disconnect clients from IRC and entire servers using such attacks. It can indeed be very disruptive.

So, to allow one isp, to send these packets to another, in my book, is a form of abuse.

Maybe you don't understand what the sandvine equipment is doing?
--
Give me bandwidth or give me death!
»/testhistory/661871/4f240


jester121
Premium
join:2003-08-09
Lake Zurich, IL
said by gatorkram:

Just because an RST packet is part of the normal operation of the tcp/ip protocol, doesn't mean unexpected or other abuse of the packet doesn't cause issues.

People used to disconnect clients from IRC and entire servers using such attacks. It can indeed be very disruptive.

So, to allow one isp, to send these packets to another, in my book, is a form of abuse.

Maybe you don't understand what the sandvine equipment is doing?
No, I'm pretty much up to speed. On the other hand, you've shown pretty clearly that you have no clue about what's happening. Just because a feature of technology gets used for a purpose that it wasn't intended for doesn't mean it's "abuse".

There are plenty of perfectly legitimate uses for RST packets in a network. Sandvine uses what I think is a pretty clever method to take this functionality and shut down unwanted P2P connections. I'd liken it to the early spam blocker services that took the functionality of DNS and used it to create very efficient, fast blacklists of spammer IP addresses. DNS was never intended to support such functionality but it's become a very useful tool against spammers over the years.


gatorkram
Need for Speed
Premium
join:2002-07-22
Winterville, NC
kudos:3
Reviews:
·Suddenlink
A fake and forged packet, is a fake and forged packet, no matter what you want to dress it up as.

For anyone to use a device that not only sends these forged packets across their own networks, but across to someone elses, is clearly abuse.

I hope some network operators that don't support these sandvine devices step up to the plate, and address these issues.

If I was sending out forged packets, you can bet I'd be in trouble.
--
Give me bandwidth or give me death!
»/testhistory/661871/4f240

bradt6

join:2002-01-10
Saint Paul, MN
reply to jester121
I say we use sandvine to RST all of jester121's HTTP packets. Keep his ignorant rantings off the board.

What's good for the goose...


gaforces
United We Stand, Divided We Fall

join:2002-04-07
Santa Cruz, CA

2 edits
reply to jester121
Networks who abuse the internet by using sandvine should be cut off completely from the rest of us.
Then you can have your own private net, ripoff as many of your customers as you want, then it wont affect the rest of us who actually get what our ISPs advertise to us and can handle the loads.

Those networks using sandvine are putting strain on the rest of the WORLD's networks by thier blocking.
Taking money out of networks pockets world wide!
Should be thier new slogans.


jester121
Premium
join:2003-08-09
Lake Zurich, IL
said by gaforces:

Those networks using sandvine are putting strain on the rest of the WORLD's networks by thier blocking.
Taking money out of networks pockets world wide!
Should be thier new slogans.
hehe... I've GOT to hear an explanation for this one. Are they hurting the environment and killing baby seals too?


gaforces
United We Stand, Divided We Fall

join:2002-04-07
Santa Cruz, CA
said by jester121:

said by gaforces:

Those networks using sandvine are putting strain on the rest of the WORLD's networks by thier blocking.
Taking money out of networks pockets world wide!
Should be thier new slogans.
hehe... I've GOT to hear an explanation for this one. Are they hurting the environment and killing baby seals too?
The legal torrents that millions of people use every day, are being blocked by these networks using sandvine, which puts the load on the networks who dont block, its all there in plain english.
--
‘Do ye, quieting in your bosoms your strong hearts,
Who of many good things have had your fill even to surfeit,
With what is moderate nourish your mighty desire; for neither will
We yield, nor shall you have all else as you wish.’
Solon