Slashdot Mirror
Network Measurement Tool Detects Reset Packets
kickassweb writes "If you think your ISP is sniffing packets, or worse yet, sending reset packets to stop torrents, there's now a beta Network Measurement Tool to detect them, courtesy of Lauren Weinstein of the Net Neutrality Squad. It's released under the LGPL, and runs under Win2K, XP, and Vista. Quoting: 'While the reset packet detection system included in this release is of interest, NNSquad views this package as more important in the long run as a development base for a broad range of network measurement functionalities and associated communications and analysis efforts.'"
Without a Linux version, it's obviously the work of Satan.
SJW: Someone who has run out of real oppression, and has to fake it.
First the Chinese firewall, and now ISPs closer to home.
Of course the ISPs shouldn't be allowed to spoof any packets, but what would be the consequence of ignoring all reset packets on a home network?
IANANG (I Am Not A Network Guru) but, what harm could happen if, say, all reset packets were just ignored and dropped by the network stack? All the hubbub about figuring out if your ISP is sabotaging you seems less useful than just blocking the shanangans and moving on with your life.
More Twoson than Cupertino
This just highlights the evolving nature of open ... protocols? (it's more than the software). ...
... not for long.
I believe new software will appear that works around the next attempt to block torrents, and new software to go arround the one after that
If there is a big-enough interest in code/protocol changes, and the code / protocol is open, you can't "put a stop" to it.
Well
Tie two birds together: although they have four wings, they cannot fly. (The blind man)
How about setting up a firewall with our own deep packet inspection and reporting system? That way we can collectively scan, identify, analyze, report to a central site, aggregate the results, perform large scale analysis, and report the full results on all kinds of attacks on these firewalls around the world.
A distributed Get Your Hands Off My Network. This information can be used to provide Objective Evidence for Court Cases Against Aggressive ISP and Those Who Pretend To Be The Governments And Homeland Security Departments of The ~192 Imagined Countries Around The World. It's about time that these pretenders, who do real harm to other people in the world to, know that they are not the only ones with some power. We tech geeks say hands off our Internets and we are watching and reporting on YOU BIG BROTHER!
Power the the Geeks.
I would point out that a tool has existed for years that possessed this capability AND has been available on BOTH Linux (*NIX) and M$ platforms. It's called Wireshark (formerly Ethereal). I will offer the caveat that you had to know a bit about TCP/IP protocol to use this tools but, there it is.
Unix has always been User Friendly
Because, of course, ISPs could also forge legitimate looking TCP RST packets.
Religion is what happens when nature strikes and groupthink goes wrong.
Well, probably. I know you can do this with Wireshark, and wireshark and tcpdump both use libpcap.
My blog
Special thanks to John Bartas for all of his diligent and continuing work on this software for NNSquad. So, I would assume that its just the one guy working on it (at the moment) which would explain why its Windows Only, its probably his chosen platform.
I'm not entirely sure what your point is, and if it's supposed to be a good or a bad thing.
What would happen on a closed proprietary protocol? (E.g., let's imagine that MS had pursued their initial idea of makingt a MS net instead of the Internet, or that AOL/Compuserve/whatever had never gone TCP/IP and managed to win on their own, or that we all were on the French minitel. Or, heck, that each ISP had their own protocol and proprietary browser, and just converted to and from it. At least one did try to convert the graphics like that, and at least one is currently re-encoding movies, so it's not a huge stretch of imagination.)
Well, then you'd be pretty much in the hands of whoever owns the protocol, i.e., most likely the ISP. If you were on, say, a proprietary AOL network, which works only with proprietary AOL software, and uses AOL's own proprietary protocols, then you're completely at their mercy. If they want to reset your connections, or whatever else, what are you going to do about it?
Of course, you could reverse-engineer their protocols and patch their programs, which is a hell of a lot more expense and effort than with the open protocols. Except then they could:
1. Just change the protocol from one version to another, to break your changes. (AOL actually did this for a while to keep breaking MS's attempts of making their Windows Messenger interoperable with AIM.)
2. Sue you under DMCA for hacking into their network and bypassing their checks. (Seriously, much smaller attempts at reverse-engineering a protocol resulted in DMCA lawsuits.)
So basically at best you'd have to bet a _lot_ on, well, how sympathetic a judge would be to your view that you have a right to bypass the usage or access restrictions on privately owned servers, to download more than you've bought, and to hack their software to that end. I wouldn't take it as a given.
So basically open software at least gives you a fighting chance at all. Yes, they can keep modifying their implementation, but so can you. In the closed version, they own the software and the protocol, they can change it, but _you_ can't.
Open standards even put a limit on how far they can take technique #1 above, because at the end of the day, they still have to remain compatible with a metric buttload of software and hardware that they don't control. In the all proprietary version, if they want to change the protocol and software _completely_, and leave the old channel open just for downloading the new software, they can.
A polar bear is a cartesian bear after a coordinate transform.
> Without a Linux version, it's obviously the work of Satan.
... mostly they're just lazy or uninformed.
Not really. It's just the work of somebody who doesn't hold portability as an important requirement.
Sometimes this happens because they don't have the means to test on other platforms. Sometimes it's because they're so narrowly focussed that they're not even aware that there's more to computing than their own platform. Some people are simply too lazy, or lacking in computing skills, to write portable applications. And quite frequently it's the work of someone who is totally obsessed with his own platform's unique UI and so produces an UI app that can't run anywhere else, without actually wanting to be evil.
Only very rarely does a minor wannabe Satan appear, one who willfully writes open-source code that can't be run on other platforms by design. I'm not even sure I can name a clear example of it
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
I always use
wget -c <URL>
to download large files. Even when your ISP is on the up and up, you'll get a RST occasionally if the remote computer sends it. Using wget to continue an almost completed download of an iso or XPSP3 is really handy.
tcpdump 'tcp[13] & 4!=0'
Come play free flash games on Kongregate!
The correct (and difficult to detect) way of throttling is by delaying ACK packets a few ms. Then normal TCP congestion control does all the nice throttling for you.
The ethics of throttling are a different matter: one side says they've been promised unlimited, and the other wants to be fair to all customers.
I've since switched to Sasktel. While it's a lower max bandwidth, I don't have to share, and I don't get a phone call asking me to "tone it down" when I use my account for more than just email...
Magic doesn't work in my presence. My power of disbelief is too strong.