Forums » Bit Torrent Encryption Beats Shaw Throttling » I love the new encryption scheme!


gheezer
Compooters R Us
Premium
join:2002-12-20
Henrietta, NY

reply to G_Poobah
Re: I love the new encryption scheme!

Insults are meaningless.

I work Cisco every day in a network that services 2 Million customers. At command line. It's true.

I have been doing Computer work since 1982. Networking since 1988. I'm a bit more clueful than you realize.

There's NO NEED to inspect the packet. You watch the IP flow pattern at layer 3 and mark on the top talkers.

»netflow.cesnet.cz/

»manageengine.adventnet.com/produ···dex.html

»www.cisco.com/warp/public/732/pa···0604.pdf

It's you who aren't seeing this...read the article a bit closer, it says BOTH ends must be running the same encryption client. With the, thus far, limited distribution of the encrypted client, the netflow monitoring isn't seeing hundreds of simultaneous connection requests, so the netflow monitoring sees no need to throttle.

TOP TALKERS, no more, no less....and no reference to service port.
--
Join the NAVY, see the world....It's mostly water!


G_Poobah

join:2004-01-17
Schenectady, NY

reply to gheezer
*Sigh*.. I'll post one last time, since you obviously don't get it.. What's the TITLE of the subject? "Bit Torrent Encryption Beats Shaw Throttling"

You argue that encryption doesn't beat throttle. That's complete and total bullshit, and I've shown you the proof. Maybe it's possible you don't even know HOW encryption works (and I quote your post: "The source and destination addresses (at layers 2 and 3) CANNOT be encrypted").

(helpful hint from a real Cisco engineer: Layer 2 MAC addresses aren't sent beyond the switch.. that's why it's called a 'switch' and not a 'router')

There is no way to inspect an encrypted packet, unless you know some 'magic super decrypter' that does it or you are the NSA with the real time processing capabilities. ENCRYPTION defeats everything Shaw is trying to do to throttle torrents. PERIOD. Shaw will need to rip out all that worthless equipment, and install new equipment to TRY and defeat torrent traffic. And of course, the torrent makers will defeat THOSE techniques too.

As I said before "There are other options, of course, like limiting connections, etc. But that's not the issue.".

I researched your 'supposed' technique of 'ip flow pattern', and can't find it being used anywhere on a WAN basis. Then I realized, oh, wait, he's talking about Cisco Traffic Manager. I've used that! But it FAILED MISERABLY, and it NEVER WORKED WELL. In fact, Cisco gave up on it 2 years ago! It CAN'T work. The processing power and memory required to maintain a table of just ONE port's session states was huge. Try and scale that up to 10,000 nodes at once? There's no processor/memory combo even remotely powerful enough. Maybe I'm wrong, and you're right. Please point me to this 'magic device' if it's available. (hint: a notebook based application ISN'T the same thing as an enterprise level processor. Monitoring one port, or even 100 ports is cake; monitoring 10,000+ is impossible.)

Go back to the original message. The objective of SHAW is to throttle torrent traffic. Not the entire connection. Not the total bandwidth, just torrent traffic. They can't do it. The internet wasn't designed that way, and encryption defeats all currently available methods of traffic shaping based on content.
--
Sure the internet has lots of porn and piracy, but I'm sure there's a downside to it.


gheezer
Compooters R Us
Premium
join:2002-12-20
Henrietta, NY


1 edit
reply to gheezer
Bullshit. Traffic shaping can be done by netflow pattern, and can be protocol port independent.

IP FLOW PATTERN.

Hundreds of simultaneous incoming connection attempts destined for a single address.

1 in 5 can easily be discarded.

--
Join the NAVY, see the world....It's mostly water!
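
The port-independent flow heuristic argued for in this thread (many simultaneous inbound connection attempts to one address, plus top talkers by volume), as an added example that is not part of any post. The record layout, the `first_flags` field, the 60-second window and the threshold of 100 are assumptions, and the flow records are constructed sample data.

```python
from collections import Counter, defaultdict
from typing import NamedTuple

SYN, ACK = 0x02, 0x10

class Flow(NamedTuple):
    ts: float         # flow start, seconds
    src: str
    dst: str
    first_flags: int  # TCP flags of the flow's first packet (assumed exporter field)
    nbytes: int

def fan_in(flows, subscribers, window=60.0):
    """Distinct remote sources opening TCP connections to each subscriber, per window."""
    peers = defaultdict(set)
    for f in flows:
        # A bare SYN (no ACK) as the first packet means the remote side initiated.
        if f.dst in subscribers and (f.first_flags & (SYN | ACK)) == SYN:
            peers[(f.dst, int(f.ts // window))].add(f.src)
    return {key: len(srcs) for key, srcs in peers.items()}

def flag_hosts(flows, subscribers, threshold=100, window=60.0):
    """Subscribers whose inbound fan-in reaches the threshold in any window."""
    counts = fan_in(flows, subscribers, window)
    return sorted({dst for (dst, _), n in counts.items() if n >= threshold})

def top_talkers(flows, subscribers, n=5):
    """Subscribers ranked by inbound byte volume."""
    volume = Counter()
    for f in flows:
        if f.dst in subscribers:
            volume[f.dst] += f.nbytes
    return volume.most_common(n)

# Constructed sample records (documentation address ranges), not captured traffic.
SUBS = {"198.51.100.10", "198.51.100.20"}
SAMPLE = (
    # 150 distinct remote peers each open a connection to one subscriber within a minute
    [Flow(i * 0.3, f"203.0.113.{i + 1}", "198.51.100.10", SYN, 1500) for i in range(150)]
    # five large downloads: reply flows start with SYN+ACK, so they are not inbound attempts
    + [Flow(10.0 + i, f"192.0.2.{i + 1}", "198.51.100.20", SYN | ACK, 2_000_000) for i in range(5)]
    # a few unsolicited inbound SYNs (background noise)
    + [Flow(20.0 + i, f"192.0.2.{i + 100}", "198.51.100.20", SYN, 60) for i in range(3)]
)

if __name__ == "__main__":
    print("fan-in:", fan_in(SAMPLE, SUBS))
    print("flagged:", flag_hosts(SAMPLE, SUBS))
    print("top talkers:", top_talkers(SAMPLE, SUBS))
```

Neither function reads a port number or a payload byte. On this sample the fan-in check flags only the first subscriber, while ranking by byte volume puts the second one on top, so the two signals are not interchangeable.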


G_Poobah

join:2004-01-17
Schenectady, NY

reply to gheezer
have to reply, but what the hell are you talking about? Of course the upstream device knows who I am, that's impossible to hide. But it's completely irrelevant to your misguided attempt to understand how encryption works. As the original post goes: If you ENCRYPT your bit-torrent traffic, the traffic shapers DON'T WORK. I described in detail exactly WHY they don't work. Because the info leaving your computer CANNOT be inspected with the technology they deployed. Period. Encryption defeats packet inspection, which is why I argue that ALL traffic should be encrypted by default. Any crap about the ISP being able to see Layer 2-7 traffic is meaningless, as the encryption occurs BEFORE it leaves your PC.


gheezer
Compooters R Us
Premium
join:2002-12-20
Henrietta, NY

reply to G_Poobah
Packets can't get back to your PC without referencing your machine's IP Address. Without a MAC address, there's no way for your upstream router to ARP your CPE for the forwarding tables. Without a forwarding table entry, your packets go nowhere.

Your upstream device ALWAYS knows who you are.

Layer 2 and 3 aside, the service port you open is meaningless as the BitTorrent/E-mule netflow pattern showing thousands of simultaneous inbound connection attempts to one CPE is well known and easy to spot.
--
Join the NAVY, see the world....It's mostly water!


G_Poobah

join:2004-01-17
Schenectady, NY

reply to gheezer
Umm, you use big words, but you don't know what they mean.
First of all, Encryption occurs at layer 2, in fact, they even have a NAME for it.. It's called L2TP (or Layer 2 Tunneling Protocol). You can set it up on your Windows PC very easily by creating a VPN connection.

How does this magic Layer 2 Tunneling protocol work? Why, it ENCAPSULATES (It's a big word, but you could look it up) the protocol inside the PPP, then it puts the entire package inside the frame (usually IP). So, from the OUTSIDE, the Man in the Middle (ISP) can see.. hmm.. everything from layer 1 (they own the switch) to layer 7. But they have NO IDEA WHAT'S INSIDE. Period. The PAYLOAD is the entire package. For all you know it could be a netbios frame! It PROTECTS you from ANY TRAFFIC SHAPING because it's an ALL or NOTHING approach. The ISP could throttle ALL encrypted traffic, or NO encrypted traffic. There's no middle ground.

So, given that the entire package of data from my pc to your pc has been encrypted, and the only way to unencrypt it is for your PC to have the correct key. Please tell me how they could determine WHAT PROTOCOL I was running? Am I running HTTP? Am I running SMTP? Am I running TELNET? Oh, wait, they CAN'T TELL. PERIOD.

So, there is NO WAY to selectively filter encrypted traffic on a protocol level. The entire concept of trying to 'throttle' encrypted torrent traffic by packet inspection is pointless, since they can't tell it's torrent traffic.

There are other options, of course, like limiting connections, etc. But that's not the issue. The issue is all that expensive, fancy equipment they bought is now a worthless piece of electronics. In fact, most of the vendors have a FAQ saying 'yes, encryption will defeat our devices, but we expect Congress to outlaw encryption'.
--
Sure the internet has lots of porn and piracy, but I'm sure there's a downside to it.

Shark_615

join:2006-01-17
Pickering, ON

reply to TKJunkMail
Don't bother posting a reply to that idiot (G_Poobah).

He is a naive, unrealistic communist troll who needs to move out of his parents' house into the real world. He tried to move to N. Korea but they denied him due to his extremely stupid views on pretty much anything.

His most used tactic if you disagree with him is to ignore the post, or claim you are a pro-corp apologist fascist (doesn't make sense to me either) or that you work for _insert ISP Here_. He does this to avoid thinking, thus possibly realizing he was wrong.


gheezer
Compooters R Us
Premium
join:2002-12-20
Henrietta, NY


1 edit
reply to G_Poobah
Since the devices at layers 2 and 3 are NOT running this encryption scheme, (being that the company doing the throttling actually OWNS that equipment), THAT information can NOT pass encrypted.

Had you ever done a NETFLOW analysis (highly unlikely), the UNTHROTTLED encrypted activity pattern sticks out like a sore thumb.

The source and destination addresses (at layers 2 and 3) CANNOT be encrypted. For the packets to be delivered, they MUST be legible to the devices doing the forwarding.

All encryption does is scramble the PAYLOAD. Encryption protects you from the xxAA's, not network traffic shaping.

The ONLY reason it APPEARS to work is the limited distribution, thus far, of encryption clients. (in order for it to work, both sides have to encrypt identically).
--
Join the NAVY, see the world....It's mostly water!


Combat Chuck
Too Many Cannibals
Premium
join:2001-11-29
Erie, PA

reply to G_Poobah
said by G_Poobah:

Oooh, the corporate apologists all post within a 20 minute window? And now I'm gonna change the subject cause that's all I got.

I may have edited that a bit. You know...just in case anyone was confused by your sudden concern with explaining the two ways you know how to throttle a protocol.
--
Asking those who disagree with you to find support of your arguments is like asking an assailant if you can borrow his gun.


ssj4android
Redefining Reality

join:2002-04-14
Wyoming, MI
reply to G_Poobah
How is Azureus working proof that he works for Comcast?


toadlife
Premium
join:2004-05-03
Lemoore, CA
reply to G_Poobah
Simple solution. If the traffic is encrypted, throttle it.


G_Poobah

join:2004-01-17
Schenectady, NY

reply to TKJunkMail
Oooh, the corporate apologists all post within a 20 minute window? how could that possibly be..

Professional Astroturfers are not allowed to say they are paid by megacorp .. Well, DUH.. That kind of disclosure would be like.. hmm.. oh the Bush administration admitting they are wiretapping citizens without warrants, and we all know how that turns out. Oops, gotta be careful about criticizing the administration, heard Cheney is being sent out as a hitman now.

The point is that there are only TWO ways to throttle traffic. The old school way is port throttling. You set your switch to drop traffic on port XXXX until the bandwidth is low enough. That of course causes the clients to do a massive number of retries, which slows down the PC until the software is smart enough to throttle itself (at the OS level)

Option 2 is deep packet scanning. In fact, they are using the Ellacoya switch at several of their hubs. They have used several others, but last I heard they hadn't finalized the vendor yet. Again, I ramble. In order for a deep packet inspection to work, the traffic needs to have VISIBLE and UNDERSTANDABLE header information. If you've ever looked at a TCP dump (possible), you'd understand that in order for an inspection to work, you need to be able to determine exactly WHAT is in the packet. Once the keys are exchanged, all these 'deep inspection devices' go to hell, as all they can tell is that it IS traffic, but have zero idea WHAT traffic it is.

Proof? Why.. Azureus and utorrent work again! How could you possibly need more proof than that? Once everyone upgrades their clients, the war starts all over again.
--
Sure the internet has lots of porn and piracy, but I'm sure there's a downside to it.


TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast

reply to G_Poobah
said by G_Poobah:

In any case, rumor is he's paid by Comcast to post here. (and yes, he works for Comcast outside of Philly).
Rumor is wrong as I stated here once before. I'm retired. And your out and out claim that I work for Comcast outside of Philly is based on what? Do you just make up things on purpose or do you have dreams where you can't tell fact from fantasy?
--
--
Join Red Room Forum
My Web Page
Conrail Photo Album


Combat Chuck
Too Many Cannibals
Premium
join:2001-11-29
Erie, PA

reply to hobgoblin
said by hobgoblin:

Sort of like you are doing now eh?

You might as well ignore Poo, he likes to say his ridiculous crap and then disappear once called on it.
His newest tactic is to say that anyone who doesn't agree with him is the same person, or is paid by this or that. I assume it makes him feel better since he can't defend his opinions logically once confronted.

I'm still waiting for him to explain how pointing out that encryption isn't going to help for long is pro corporate propaganda:
»Bit Torrent Encryption Arms Race
--
Asking those who disagree with you to find support of your arguments is like asking an assailant if you can borrow his gun.


AnonName

@kaballero.com
reply to G_Poobah
Definitely like the new icon better than a puking twelve year old...


hobgoblin
Sortof Agoblin
Premium
join:2001-11-25
Orchard Park, NY
clubs:

reply to G_Poobah
Poo Bear posted

"Common tactics include, but are not limited to, diverting the conversation off on a tangent,"

Sort of like you are doing now eh?

Hob
--
"A foolish consistency is the hobgoblin of little minds." - Ralph Waldo Emerson


G_Poobah

join:2004-01-17
Schenectady, NY


1 edit
reply to GigahertZ420
He's just a troll.

In any case, rumor is he's paid by Comcast to post here. (and yes, he works for Comcast outside of Philly). Comcast admitted about 6 months ago on an internal memo that they have, and have had for several years, professional 'astroturfers' to try and counter the anti-Comcast rhetoric that sprouts up. (sort of like what happens with Walmart). Paying someone 400.00/week to try and obfuscate msg boards is an easy way to take advantage of the simple minded at low wages, and has the added benefit of amusing even the moderately intelligent people of their desperate attacks.

There's a couple of other posters who work for the bells, etc. They aren't hard to spot, as they follow the scripts their handlers give them to attempt to counter any comments that make their paid supporters look bad. Common tactics include, but are not limited to, diverting the conversation off on a tangent, blaming it on 'criminals', telling them to 'start their own isp', and the classic 'it's their lines, they paid for it'. It's sort of fun to watch them post, almost at the same level of zoo monkeys throwing feces. They don't really affect anything, but you have to grin at their antics.
--
Sure the internet has lots of porn and piracy, but I'm sure there's a downside to it.


firephoto
KDE
Premium
join:2003-03-18
reply to GigahertZ420
They probably just keep changing his meds but they most certainly are always the red pills no matter what they are.
--
Location: +48° 5' 23.40", -119° 48' 30.00"

GigahertZ420

join:2001-10-02
Fairbanks, AK

reply to TKJunkMail
said by TKJunkMail:

said by GigahertZ420:

Incorrect or purposely incorrect? I ask this because I see you regularly post with different names and different locations... Just makes me and many others kind of wonder...;)
Just trying to bring a little mystery into your drab lives.:D
Well as some may have alluded, the question may be which company(s) pays you to post here? You seem to regularly have a sympathetic ear to corporations and their "draconian" policies, but if you're a stockholder that would explain it all...:)

I personally would like to render any and all ISP's throttling completely ineffective through VPN, encryptions, or other methods. Nothing like making a $50,000 piece of hardware utterly worthless and letting management know they should have invested that money in decent routers, switches, and backbone gear.

That and the fact that BitTorrent being an increasingly utilized method for legitimate downloads LINK makes any companies that cap/throttle look dumb and customer unfriendly


TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast

reply to GigahertZ420
said by GigahertZ420:

Incorrect or purposely incorrect? I ask this because I see you regularly post with different names and different locations... Just makes me and many others kind of wonder...;)
Just trying to bring a little mystery into your drab lives.:D
--
--
Join Red Room Forum
My Web Page
Conrail Photo Album