Comments on: Helping to ID p2p users http://www.p2pnet.net/story/5677 p2pnet.net - reader powered Mon, 23 Nov 2009 14:19:04 -0600 http://wordpress.org/?v=2.8.4 hourly 1 By: Reader's Write http://www.p2pnet.net/story/5677/comment-page-1#comment-17383 Reader's Write Mon, 25 Jul 2005 19:49:26 +0000 #comment-17383 An Encrypted Virtual Private Network link to a computer located in a country that protects the rights of its citizens over corporate interests would show up on an ISP's network monitoring computer as a a VPN link. All the traffic would be encapsulated within this VPN stream. Unfortunately, there will be a time when just about all Internet connections to be monitored. When tht time comes, the only way to have privacy will be via FreeWan. (A freeWan is a local wireless network.) Fortunately, there is a FreeWan cell in my area. For the moment, I use FreeNet and I2P. Unfortunately, it will take the hackers to get the idea of FreeWan rolling. I say unfortunately because hackers have been given a bad name by the press. Hackers will have a tough time convincing people to go along with the idea of neighbrhood networks, especially if they are not connected to the Internet. It will take quite a few RIAA and MPAA victims to be sued before people get the idea I personally like the idea of the drive by download. This is how I get my entertainment. On my way home from work, I stop within range of a local FreeWan cell and spend about 5 to 10 minutes for a my nightly movie to download. I sometimes even borrow a movie from a friend and upload it to the cell. Eventually, the **AA's will be forced to accept the fact that customers are in control and not them. They may be forced to make their money solely by advertising ontained within a scene of a movie (the hero wearing K-Swiss shoes, or a Coke machine in the backgroud, or even a billboard displayed in a road scene). There still is money to be made in media entertainment, and fortunately, there is the chance of the common man to get in on the profits. I watched "The Scene" http://www.welcometothescene.com and have found a well made story that looks like it costed very little to set up. An Encrypted Virtual Private Network link to a computer located in a country that protects the rights of its citizens over corporate interests would show up on an ISP’s network monitoring computer as a a VPN link. All the traffic would be encapsulated within this VPN stream. Unfortunately, there will be a time when just about all Internet connections to be monitored. When tht time comes, the only way to have privacy will be via FreeWan. (A freeWan is a local wireless network.) Fortunately, there is a FreeWan cell in my area.

For the moment, I use FreeNet and I2P. Unfortunately, it will take the hackers to get the idea of FreeWan rolling. I say unfortunately because hackers have been given a bad name by the press. Hackers will have a tough time convincing people to go along with the idea of neighbrhood networks, especially if they are not connected to the Internet. It will take quite a few RIAA and MPAA victims to be sued before people get the idea

I personally like the idea of the drive by download. This is how I get my entertainment. On my way home from work, I stop within range of a local FreeWan cell and spend about 5 to 10 minutes for a my nightly movie to download. I sometimes even borrow a movie from a friend and upload it to the cell.

Eventually, the **AA’s will be forced to accept the fact that customers are in control and not them. They may be forced to make their money solely by advertising ontained within a scene of a movie (the hero wearing K-Swiss shoes, or a Coke machine in the backgroud, or even a billboard displayed in a road scene). There still is money to be made in media entertainment, and fortunately, there is the chance of the common man to get in on the profits. I watched “The Scene” http://www.welcometothescene.com and have found a well made story that looks like it costed very little to set up.

]]> By: Reader's Write http://www.p2pnet.net/story/5677/comment-page-1#comment-17342 Reader's Write Mon, 25 Jul 2005 09:11:57 +0000 #comment-17342 I don't think so, normally dns packts will send to one or few fixed dns servers, but p2p traffic is not. I don’t think so, normally dns packts will send to one or few fixed dns servers, but p2p traffic is not.

]]> By: Reader's Write http://www.p2pnet.net/story/5677/comment-page-1#comment-17340 Reader's Write Mon, 25 Jul 2005 09:07:35 +0000 #comment-17340 The method in the article is based on traffic behavior, so encryption is no use. The method in the article is based on traffic behavior, so encryption is no use.

]]> By: Reader's Write http://www.p2pnet.net/story/5677/comment-page-1#comment-17336 Reader's Write Mon, 25 Jul 2005 08:05:03 +0000 #comment-17336 One word: FileTopia. Encrypted P2P. Enjoy. (Bit Torrent client now too. :-)) http://www.filetopia.org/home.htm One word: FileTopia.

Encrypted P2P. Enjoy.

(Bit Torrent client now too. :-) )

http://www.filetopia.org/home.htm

]]> By: Reader's Write http://www.p2pnet.net/story/5677/comment-page-1#comment-17329 Reader's Write Mon, 25 Jul 2005 06:42:51 +0000 #comment-17329 So, I think the app Rodi would still be unidentified using this technique. It uses udp for all transfers, but they appear as dns packets, so it would actually look to be a dns server, and thus ignored. So, I think the app Rodi would still be unidentified using this technique.
It uses udp for all transfers, but they appear as dns packets, so it would actually look to be a dns server, and thus ignored.

]]> By: Reader's Write http://www.p2pnet.net/story/5677/comment-page-1#comment-17322 Reader's Write Mon, 25 Jul 2005 05:14:37 +0000 #comment-17322 Actually, there is an easy way to defeat this. Encrypt the data as it leaves the host. Using something like IPSec, SSL, or SSH tunneling will stop any traffic monitoring and analysis in it's tracks. If you can't see it, then you can't analyze it. So the only thing left at this point is port usage and IP addresses. Actually, there is an easy way to defeat this. Encrypt the data as it leaves the host. Using something like IPSec, SSL, or SSH tunneling will stop any traffic monitoring and analysis in it’s tracks. If you can’t see it, then you can’t analyze it. So the only thing left at this point is port usage and IP addresses.

]]> By: Reader's Write http://www.p2pnet.net/story/5677/comment-page-1#comment-17317 Reader's Write Mon, 25 Jul 2005 02:45:28 +0000 #comment-17317 Well, this is not about port scanning. This is about looking at the network traffic from an ISPs side, where you can see every packet going from/to the host. Also it is about a quick way of identifying p2p users from a very large userbase (think millions of clients). And it is done simply by looking at the source/destination adresses and length of the packets. Also a blocklist won't help at all, because to fight this method you mustn't send out any packets from your p2p application. And the identifying computer does not send out any packets, so there are none you could block. It just listenes to every packet an ISP processes. Think of it as identifying cars on a highway by listening to the sound. Not by looking at them, and especially not by shouting at the owners to tell you their brand (this might be closest to a portscan) :) Well, this is not about port scanning. This is about looking at the network traffic from an ISPs side, where you can see every packet going from/to the host. Also it is about a quick way of identifying p2p users from a very large userbase (think millions of clients). And it is done simply by looking at the source/destination adresses and length of the packets.

Also a blocklist won’t help at all, because to fight this method you mustn’t send out any packets from your p2p application. And the identifying computer does not send out any packets, so there are none you could block. It just listenes to every packet an ISP processes.

Think of it as identifying cars on a highway by listening to the sound. Not by looking at them, and especially not by shouting at the owners to tell you their brand (this might be closest to a portscan) :)

]]> By: Reader's Write http://www.p2pnet.net/story/5677/comment-page-1#comment-17310 Reader's Write Sun, 24 Jul 2005 22:13:26 +0000 #comment-17310 Port scanning doesn't work though, if you have the scanners IP blocked? right? O_o lol so this is pointless since MANY of us use IP blockers to block all known riaa addresses and many other corperate IPs. lol maybe I'm not thinking right, but you can't base anything off of what port it uses... because ports can be used by anything... its no likely to happen, but it does... so thats not a viable form of evidence. xD Port scanning doesn’t work though, if you have the scanners IP blocked? right? O_o lol so this is pointless since MANY of us use IP blockers to block all known riaa addresses and many other corperate IPs. lol

maybe I’m not thinking right, but you can’t base anything off of what port it uses… because ports can be used by anything… its no likely to happen, but it does… so thats not a viable form of evidence. xD

]]>