Re: [LARTC] How to fight with encrypted p2p

2007-12-10 Thread the sew
Hi, We had a similar problem with p2p, used ipp2p and L7filter together before and it worked well until clients (mostly clever ones) started getting around it with encryption. We have about 700 wireless clients hitting our network and our network was taking big knocks with guys using a couple of gigs

Re: [LARTC] How to fight with encrypted p2p

2007-12-03 Thread Gustin Johnson
I believe fighting is the wrong approach. Badly shaping the wrong traffic is just as bad, if not worse IMO. An ISP in my neck of the woods plays havoc with encrypted mail (SMTP + TLS as well as IMAPS) as a result of their P2P fight. Needless to say

Re: [LARTC] How to fight with encrypted p2p

2007-12-03 Thread Andrew Beverley
I believe fighting is the wrong approach. Badly shaping the wrong traffic is just as bad, if not worse IMO. An ISP in my neck of the woods plays havoc with encrypted mail (SMTP + TLS as well as IMAPS) as a result of their P2P fight. Needless to say we no longer use them, and we encourage

Re: [LARTC] How to fight with encrypted p2p

2007-12-02 Thread Andrew Beverley
I believe that whole question is in topic. Is there any way to recognize ( and then shape ) p2p traffic which is encrypted? Modern p2p clients have this ability moreover some of them have this enabled by default. Now I'm using ipp2p for iptables but as I know this doesn't recognize

Re: [LARTC] How to fight with encrypted p2p

2007-11-14 Thread Klaus
About ipp2p, Right now, the battle against p2p is lost with l7 detection from ipp2p, l7 filter and others. Why? It is a known fact that pattern matching does not work with fully encrypted P2P handshakes based on DHT key exchange algorithms with byte padding. You have absolutely no byte pattern

Re: [LARTC] How to fight with encrypted p2p

2007-11-14 Thread Sébastien CRAMATTE
Sorry ... I'm a little bit tired ... I mean that we might sponsor Klaus and L7 team to develop this ... Regards Sébastien CRAMATTE wrote: Klaus, Could you Might be you can sponsor the development ... Regards Sébastien Klaus wrote: About ipp2p, Right now, the battle

[LARTC] How to fight with encrypted p2p

2007-11-13 Thread Marcin Stanczyk
Hi I believe that whole question is in topic. Is there any way to recognize ( and then shape ) p2p traffic which is encrypted? Modern p2p clients have this ability moreover some of them have this enabled by default. Now I'm using ipp2p

Re: [LARTC] How to fight with encrypted p2p

2007-11-13 Thread Grant Taylor
On 11/11/07 19:51, sAwAr wrote: Is there any way to recognize ( and then shape ) p2p traffic which is encrypted? Modern p2p clients have this ability moreover some of them have this enabled by default. Now I'm using ipp2p for iptables but as I know this doesn't recognize encrypted traffic.

Re: [LARTC] How to fight with encrypted p2p

2007-11-13 Thread Carl-Daniel Hailfinger
On 13.11.2007 16:09, Grant Taylor wrote: On 11/11/07 19:51, sAwAr wrote: Is there any way to recognize ( and then shape ) p2p traffic which is encrypted? Modern p2p clients have this ability moreover some of them have this enabled by default. Now I'm using ipp2p for iptables but as I know

Re: [LARTC] How to fight with encrypted p2p

2007-11-13 Thread Grant Taylor
On 11/13/07 09:37, Carl-Daniel Hailfinger wrote: Well, you can surely try. But then again, I have been doing research (publication pending) in traffic-pattern-based detection of VoIP flows and peer-to-peer connections. While it usually is easy to find a pattern matching your particular traffic

Re[2]: [LARTC] How to fight with encrypted p2p

2007-11-13 Thread Konstantin Astafjev
Hello, Tuesday, November 13, 2007, 5:09:32 PM, you wrote: Encrypted or not, I believe all traffic can be somewhat recognized by its usage pattern(s). However there may be more false positives. We may end up recognizing what we know as good and putting the rest at a lower class of

Re: [LARTC] How to fight with encrypted p2p

2007-11-13 Thread Marco Aurelio
As you might have seen, these are words from ipp2p author: I have seen some pieces of code from ipoque which can detect encrypted bittorrent and edonkey traffic. Unfortunately, this code will not work with iptables, because it needs more information about the flow history and the history of an ip

Re: [LARTC] How to fight with encrypted p2p

2007-11-12 Thread sawar
Rtorrent, which I use sometimes, has the ability to completely disable plain text communication: man rtorrent allow_incoming (allow incoming encrypted connections), try_outgoing (use encryption for outgoing connections), require (disable unencrypted handshakes), require_RC4 (also

[LARTC] How to fight with encrypted p2p

2007-11-11 Thread sAwAr
Hi I believe that whole question is in topic. Is there any way to recognize ( and then shape ) p2p traffic which is encrypted? Modern p2p clients have this ability moreover some of them have this enabled by default. Now I'm using ipp2p for iptables but as I know this doesn't recognize

Re: [LARTC] How to fight with encrypted p2p

2007-11-11 Thread Mohan Sundaram
sAwAr wrote: Hi I believe that whole question is in topic. Is there any way to recognize ( and then shape ) p2p traffic which is encrypted? Modern p2p clients have this ability moreover some of them have this enabled by default. Now I'm using ipp2p for iptables but as I know this doesn't

Re: [LARTC] How to fight with encrypted p2p

2007-11-11 Thread David Bierce
Some P2P clients are nice about their encryption and negotiate encryption ahead of time using plain communication. I.E. Limewire, Azureus. However, some just start TLS and that is all you can see. Looking at ipp2p's signatures, I don't see anything that leads me to believe they