Topic 'Re: International Deep packet inspection?' in forum 'Security' - dslreports.com

Re: International Deep packet inspection?

Fri, 14 Dec 2012 18:05:04 EDT

norwegian posted :
I gather technology such as this will be in house and the employees may have to sign documents to restrict exploiting the technology outside of their protocol.

If it was open source, it would be bypassed within the month. :)
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke

Re: International Deep packet inspection?

Thu, 13 Dec 2012 18:20:17 EDT

HELLFIRE posted :

Document restricted to TIES users [ITU-T]

...figures.

Regards

Re: International Deep packet inspection?

Tue, 11 Dec 2012 07:04:16 EDT

norwegian posted :
Yep - I'm getting a little old and forgetting more these days.

»www.itnews.com.au/News/325490,it···ars.aspx
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke

Re: International Deep packet inspection?

Mon, 10 Dec 2012 20:31:21 EDT

HELLFIRE posted : Now that I think about it, got a link to the original article norwegian?

Having worked with packet sniffing software before -- wireshark, tcpdump, etc -- this is nothing new,
and reading bits on the wire really is a function of a) being able to plug into the medium -- your local
electronics shop just doesn't carry a a 100Gbit PHY NIC card, b) being able to read and decode the
frames at wirespeed, and c) being able to act on them in time, which having read enough captures in
realtime on a supposedly "quiet" network is next to impossible for a human.

I'm more curious what they're proposing here? Like an XML format / standard for this?

Regards

Re: International Deep packet inspection?

Mon, 10 Dec 2012 06:15:58 EDT

NormanS posted :

said by HELLFIRE:

Big Brother is now watching you online....

I will begin work, shortly, on the GFMFTP. The idea is to make all packets look like ...
[ATT=1]
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum

... this.

Re: International Deep packet inspection?

Sun, 09 Dec 2012 22:39:24 EDT

antdude posted :

said by HELLFIRE:

Big Brother is now watching you online....

Regards

And in person, offline!

Re: International Deep packet inspection?

Fri, 07 Dec 2012 19:21:56 EDT

HELLFIRE posted : Big Brother is now watching you online....

Regards

Re: International Deep packet inspection?

Fri, 07 Dec 2012 18:49:29 EDT

norwegian posted :
Ah......guilty until proven innocent eh. I'm sure it was once the other way around.

Re: International Deep packet inspection?

Fri, 07 Dec 2012 18:44:20 EDT

Blackbird posted :

said by norwegian:

... That last part, why would it matter if traffic was encrypted - sounds like there is fear at the Union that all encrypted traffic is bad?

Obviously, only criminals would ever want to hide their traffic content... :uhh: ;)
--
“The American Republic will endure until the day Congress discovers that it can bribe the public with the public's money.” A. de Tocqueville

International Deep packet inspection?

Fri, 07 Dec 2012 18:38:13 EDT

norwegian posted : Interesting...

The International Telecommunications Union (ITU) has adopted a new deep packet inspection standard that appears to have implications for users of file sharing and instant messaging services.

ITU communications officer Toby Johnson said in the blog post that the standard will enable ISPs to "manage network traffic more efficiently and thereby heighten users' quality of service and quality of experience".

"does not allow access to users' private information and allows measures to ensure the secrecy of correspondence", instead providing "for efficiencies in network management demanded by application and service-aware networks such as Smart Pipe, Network Intelligence Capability Enhancement (NICE), Smart Ubiquitous Networks (SUN) and Content Centric Networking (CCN)".

Despite Johnson's reassurances that the standard will not violate privacy, it contains examples of how to "identify uploading BitTorrent users" and counting instant messages via the Jabber or XMPP protocol with Spanish text.

Example II.3.4 is named "Forwarding copy right [sic] protected audio content" which is done by "checking on embedded digital watermarks in MP4 data".

The standard also provides examples of how to detect file transfers in general with the FTP and TCP protocols, and how to block Session Initiation Protcol messages used for VoIP "with specific content types" with particular users being identified through application information.

Malware blocking is another area that the standard could be applied to.

Encrypted, compressed and transcoded data can also identified by the standard, including IPsec traffic in tunnel and transport mode, and which is authentication header protected.

Depending on the level of encryption, the availability of a local decryption key and conditions based on the coded information, DPI signatures could be applied to obfuscated traffic, the standard stated.

That last part, why would it matter if traffic was encrypted - sounds like there is fear at the Union that all encrypted traffic is bad?
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke