Random ports? in

Random ports? in http://www.dslreports.com/forum/r20445027 en Tue, 02 Dec 2008 20:22:35 EDT Tue, 02 Dec 2008 20:22:35 EDT Re: Random ports? http://www.dslreports.com/forum/remark,20446723 espaeth :

said by skuv :

Encryption on the other hand can be hard to track, but that all depends on the setup of the session and if it can be tracked accurately through a signature.

It can be heuristically tracked in aggregate by looking at the connection stats. P2P traffic is easy to spot if you look at active TCP session number stats per IP address.]]> http://www.dslreports.com/forum/remark,20446723 Wed, 07 May 2008 15:54:08 EDT Random ports? http://www.dslreports.com/forum/remark,20445027 anon : Random ports don't affect Sandvine or other DPI boxes. They see the headers in the packet, they know it's P2P no matter what port it is on.

Encryption on the other hand can be hard to track, but that all depends on the setup of the session and if it can be tracked accurately through a signature.

But I do know that encrypted NNTP just shows up as SSL to DPI, no way to know it's NNTP in there.]]> http://www.dslreports.com/forum/remark,20445027 Wed, 07 May 2008 11:10:37 EDT