Announcement

Collapse
No announcement yet.

"End of Days" for using encryption with BitTorrent to avoid throttling?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • "End of Days" for using encryption with BitTorrent to avoid throttling?

    As many of you may or may not know, I'm in the network/systems security industry as a profession. I've been doing this for many many years and part of my yearly educational routine is attending the Black Hat and DEFCON conventions in Las Vegas.

    Well. I've been down here for the past few days for Black Hat and one of the sessions I attended was "Protocol Identification through Statistical Analysis". It was a rather interesting session that focused not on analyzing packets and the data they contain to determine what type of traffic was being passed on a network rather analyzing specific patterns within the packet flow itself and packet timing to determine what type of traffic was being passed.

    With the recent discussion in our forums about using various BitTorrent clients due to their support of encrypted data streams that can avoid detection and the ultimate throttling of that traffic by your ISP, I found this session quite interesting.

    TippingPoint has developed tools that can analyze traffic and through the use of some euclidean geometry "magic" determine what type of traffic is being passed even if the traffic is encrypted and contains no conventional signature.

    I played a bit with one of the tools that was released and I can see this type of protocol detection being integrated into existing bandwidth management/shaping tools relatively soon. The tools are VERY effective and highly accurate.

    The URL provided during the session isn't working, so I'll post some of the tools up later on when I'm back in my hotel room and have the Black Hat CD on me.
    Diplomacy is the art of saying "good doggie" while looking for a bigger stick.

  • #2
    Re: "End of Days" for using encryption with BitTorrent to avoid throttling?

    Well I don't know what method is being used, but Roger's cable internet is already detecting and throttling bittorrent traffic regardless of what people try. They probably aren't using something as smart as this statistical analysis yet, but you can be sure that they will adopt it in a hurry if it works better than what they have.
    Peace through fear... since 1947!

    Comment


    • #3
      Re: "End of Days" for using encryption with BitTorrent to avoid throttling?

      They might be doing it based on peer-to-multipeer analysis. The dangerous thing with that is it can also potentially interfere with other legitimate network activity although that is somewhat unlikely.

      This stuff works very very well. I went through a couple other really good sessions that I'll share when I get back home. I also got some pretty nifty tools.
      Diplomacy is the art of saying "good doggie" while looking for a bigger stick.

      Comment


      • #4
        Re: "End of Days" for using encryption with BitTorrent to avoid throttling?

        Originally posted by Apophis View Post
        They might be doing it based on peer-to-multipeer analysis. The dangerous thing with that is it can also potentially interfere with other legitimate network activity although that is somewhat unlikely.
        Ya, but there's no evidence suggesting that they care about interfering. :)
        Peace through fear... since 1947!

        Comment


        • #5
          Re: "End of Days" for using encryption with BitTorrent to avoid throttling?

          Rogers throttles bittorrent and ANY encrypted traffic.

          More than that, I believe that they throttle your ENTIRE BANDWIDTH when encrypted traffic is present. I access my own email server from home over ssh...when I leave my email link open, ALL my bandwidth is throttled to roughly < 10 kb/s (legitimate or not). This includes all encrypted (ssh and tar.bz2'd netcat) file transfers between home and my lab computer.

          When I close it, all slowdowns magically dissapear.

          Quite frankly it's a bloody outrage..i pay X amount of dollars for X amount of bandwidth, and they have no business telling me what I use my bandwidth for as long as I don't violute their EULA. Needless to say, I will be soon changing internet providers to ***********

          *Edit* I didn't want to promote one company over another..so I changed it.. Needless to say there are alternative internet providers that provide better service and I urge everyone to seek these out and vote with your dollar.

          /end rant

          Comment


          • #6
            Re: &quot;End of Days&quot; for using encryption with BitTorrent to avoid throttling?

            Yeah, I got a friend using Rogers and his server is throttled because he uses encrypted connections for security. It's a shame but I don't think running his own server was in the Rogers agreement either.

            This kind of traffic shaping sounds pretty good. A much better way of targeting the right kind of packets.

            - It's who you game with.

            Comment


            • #7
              Re: &quot;End of Days&quot; for using encryption with BitTorrent to avoid throttling?

              Originally posted by =Sarc= View Post
              Yeah, I got a friend using Rogers and his server is throttled because he uses encrypted connections for security. It's a shame but I don't think running his own server was in the Rogers agreement either.

              This kind of traffic shaping sounds pretty good. A much better way of targeting the right kind of packets.
              My servers are run by UofT, not rogers...Last time I checked, secure access to legal servers was within the EULA.

              Comment


              • #8
                Re: &quot;End of Days&quot; for using encryption with BitTorrent to avoid throttling?

                Originally posted by JAMerica View Post
                My servers are run by UofT, not rogers...Last time I checked, secure access to legal servers was within the EULA.
                That's a different situation not expected by Rogers' traffic shaping. Definitely speak with your money. It's a good choice to move if you're not satisfied with the service.

                - It's who you game with.

                Comment


                • #9
                  Re: &quot;End of Days&quot; for using encryption with BitTorrent to avoid throttling?

                  Originally posted by Apophis View Post
                  I went through a couple other really good sessions that I'll share when I get back home. I also got some pretty nifty tools.
                  Definitely do share any other cool/interesting/surprising stuff you take away from Defcon. Even though I'm clinically retarded when it comes to most anything beyond end user uses of various apps, I still find that stuff fascinating, as I'm sure others here would too.
                  Beatnik

                  Comment


                  • #10
                    Re: &quot;End of Days&quot; for using encryption with BitTorrent to avoid throttling?

                    Hmm, this sounds very interesting to me.

                    Applying it to a home network setup is even better. :madsmile: If it is possible...

                    Can't wait to see the new tools... :D
                    |TG-18th| Acreo Aeneas
                    TG World of Tanks Clan Executive Officer
                    Former 9th & 13th

                    Pronounciation: Eh-Cree-Oh Ah-Nay-Ess
                    Still can't say it? Call me Acorn then. -.-





                    SSDs I Own: Kingston HyperX 3K (240 GB), Samsung 840 Pro (256 GB), Samsung 840 EVO (250 GB), Samsung 840 x 2 (120 GB), Plextor M5S (120 GB), OCZ Vertex (30 GB)

                    TG Primer and Rules

                    Comment


                    • #11
                      Re: &quot;End of Days&quot; for using encryption with BitTorrent to avoid throttling?

                      I only stayed for half a day at DEFCON due to the timing of my flight. I did get the content CD though. All the real good stuff was at Black Hat over the past couple days. Black Hat seems to be the better show but it's also a LOT more expensive than DEFCON. A lot of the DEFCON sessions in the schedule were just regurgitated Black Hat sessions.

                      In any case, I'm sitting in McCarren airport right now waiting for my flight home. So I should have some more stuff to post tomorrow.
                      Diplomacy is the art of saying "good doggie" while looking for a bigger stick.

                      Comment


                      • #12
                        Re: &quot;End of Days&quot; for using encryption with BitTorrent to avoid throttling?

                        Nice. :)
                        |TG-18th| Acreo Aeneas
                        TG World of Tanks Clan Executive Officer
                        Former 9th & 13th

                        Pronounciation: Eh-Cree-Oh Ah-Nay-Ess
                        Still can't say it? Call me Acorn then. -.-





                        SSDs I Own: Kingston HyperX 3K (240 GB), Samsung 840 Pro (256 GB), Samsung 840 EVO (250 GB), Samsung 840 x 2 (120 GB), Plextor M5S (120 GB), OCZ Vertex (30 GB)

                        TG Primer and Rules

                        Comment


                        • #13
                          Re: &quot;End of Days&quot; for using encryption with BitTorrent to avoid throttling?

                          Does "encrypted traffic" include traffic tunneled through SSH or separately encrypted information?
                          The trouble with the world is that the stupid are cocksure and the intelligent are full of doubt. ~
                          I have a tendency to key out three or four things and then let them battle for supremacy while I key, so there's a lot of backspacing as potential statements are slaughtered and eaten by the victors. ~
                          Feel free to quote me. ~

                          Comment


                          • #14
                            Re: &quot;End of Days&quot; for using encryption with BitTorrent to avoid throttling?

                            What about programs such as WASTE that create something like a VPN with private keys and up to 4 kilobit AES blowfish encryption? Packet analysis would be fairly useless if you have certain options on because WASTE will saturate the bandwidth when it's not running at full with trash bits.

                            <04:11:24> *** You are now talking in channel: "TFP - Task Force Proteus"
                            <04:16:25> "|TG-XV| Tralic": this channel is so gay
                            DICE needs to make a comical boxing glove attached to a spring punch the player in the face 40% of the time they get into a helicopter or jet.

                            Comment


                            • #15
                              Re: &quot;End of Days&quot; for using encryption with BitTorrent to avoid throttling?

                              Originally posted by Bisclaveret View Post
                              What about programs such as WASTE that create something like a VPN with private keys and up to 4 kilobit AES blowfish encryption? Packet analysis would be fairly useless if you have certain options on because WASTE will saturate the bandwidth when it's not running at full with trash bits.
                              That's a good question. Once I get some time to play a bit more with the PISA tool I can give it a shot and see what happens. That might be a good way around PISA though.
                              Diplomacy is the art of saying "good doggie" while looking for a bigger stick.

                              Comment

                              Connect

                              Collapse

                              TeamSpeak 3 Server

                              Collapse

                              Advertisement

                              Collapse

                              Twitter Feed

                              Collapse

                              Working...
                              X