I was at a conference a while ago and one of the speakers talked about a project they had.
The project was based on a large campus in which all students were only allowed http and
that was it. The problem was a large number of student were using http tunnel and other
like minded programs to get around it.
This phd's solution was to design and code a unique program. The program was based on the
response and answer times and amount of data sent vs received. I won't go into details here
for it would take too long, however once properly coded and implemented this program detected %97 of all http tunnel sessions!
That was pretty wicked indeed. Thought I would post this in case some of you guys were having like minded concerns over what some people were doing via http.