Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: P2P Darknets to eclipse bandwidth management?

  • From: Florian Weimer
  • Date: Fri Sep 02 08:44:53 2005

* Stephen J. Wilcox:

> packet inspection will just evolve, thats the nature of this
> problem.. there are things you can find out from encrypted flows -
> what the endpoints and ports are, who the CA is. then you can look
> at the characteristics of the data.

These protocols typically don't use a PKI.  You could look at public
keys, but you don't even have to distribute them in-band.

What you can do is look at packet sizes and do timing analysis on
incoming and outgoing packets to a particular hosts.  For example, it
is possible to use such techniques to detect an interactive SSH
connection to a particular host on your network which is used by an
attacker to control an SSH client which connects to some other host.
I don't know how this scales to tens of thousands of hosts, though.

Apart from that, I do not really understand the concept of "bandwidth
management".  Isn't this this just an euphemism for "content
management", to avoid the ugly "c" word?




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.