detecting p2p
Results 1 to 7 of 7

Thread: detecting p2p

  1. #1
    Junior Member
    Join Date
    Jul 2004
    Posts
    16

    detecting p2p

    I have a little problem, during my search for a compitent p2p program I encountered Filetopia whcih for some reason works prefectly with my ISP. Other p2p (kazaa, shareaza, overnet, mule...etc) do not work.

    filetopia uses 256 encryption, and besides the bandwith neigh dtectable. Or is it?

    Now if I was the administrator, and for some reason a user is being abusive, how can I detect or monitor the said user?

    does anyone use filetpia? can it be detected? Can the exact file name/ extension be retrieved?

    Thanks

  2. #2
    Senior Member
    Join Date
    Jul 2001
    Posts
    343
    Check your TOS with your ISP, you may be in violation....
    using P2P
    Franklin Werren at www.bagpipes.net
    Yes I do play the Bagpipes!

    And learning to Play the Bugle

  3. #3
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,065
    lol, if you don't want to be detected then simply don't do it. Since you say it uses 256 bit encryption, you would think that if somehow the admin was watching the activity, it would look like jiberish. But that's just what I would think, that doesnt mean that's right.
    I am the uber duck!!1
    Proxy Tools

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Now if I was the administrator, and for some reason a user is being abusive, how can I detect or monitor the said user?
    Presumably in the same way as the person being abused can?

    Unless the recipients can decrypt it, it will be jibberish, or the encryption isn't working.

    If you are the Admin of a chatroom type P2P site then you know the ISP and the dates times, so you just report the abuse to the ISP, who keep logs.

    If you mean abusing your ISP rules, you will show up in the logs. If you persist in using "stealth" techniques, you might actually draw attention to yourself.

    Also, 256bit encryption isn't THAT secure, particularly if THEY are out to get you.

    I suppose it actually depends on what you actually mean by "abusive"
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  5. #5
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,065
    Not to mention, if your using encryption, it will look like jiberish, so if they see nothing but jibberish, then that's going to cause them to watch you more closely... Therefore the encryption actually did more harm then good... Correct?
    I am the uber duck!!1
    Proxy Tools

  6. #6
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    The data are encrypted, but there is probably a header which announces versions, protocol support etc, used by the P2P client to ensure compatibility.

    This can easily be detected by something like a layer 7 packet classifier, if it has correct rules. No amount of encryption will prevent this (in theory).

    More than likely, your ISP just hasn't updated their layer 7 classifier to include a rule for this specific p2p protocol; there are a lot out there.

    If the ISP is blocking P2P, that implies that their policy forbids it, therefore it is going to be a violation of conditions to use ANY p2p client, not just ones their classifier knows about.

    Some ISPs charge more for P2P users. At least here in the UK, at least one broadband provider has a specific lower tarriff for non-p2p users.

    Slarty

  7. #7
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    if you encript traffic and you doing some piracy, its simple: cops will go to your house and ask you to see your disk file!
    ISP dont use to monitor packet contents (imagine the overhead doing that).
    When they are "in the mood" to monitor, they use to monitor tcp/ip ports. some P2P software allow you to change connections ports so, you can hide traffic for ISP for while.
    However, its easy to monitor the entire traffic behavior: a connections that use to be "filled to the top" or have a continous packet flow (if you set some kind of maximum flow at p2p software), home networking... what does it like? ... p2p. Nothing running at a computer has a similar behavior.

    If you are not allowed to use, JUST DONT USE IT.
    Better advice you wont get.
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •