Slashdot Mirror

← Back to Stories (view on slashdot.org)

Network Measurement Tool Detects Reset Packets

Posted by kdawson on from the getting-it-on-record dept.

kickassweb writes "If you think your ISP is sniffing packets, or worse yet, sending reset packets to stop torrents, there's now a beta Network Measurement Tool to detect them, courtesy of Lauren Weinstein of the Net Neutrality Squad. It's released under the LGPL, and runs under Win2K, XP, and Vista. Quoting: 'While the reset packet detection system included in this release is of interest, NNSquad views this package as more important in the long run as a development base for a broad range of network measurement functionalities and associated communications and analysis efforts.'"

12 of 118 comments (clear)

  1. Slashdotters would laud this, but... by elrous0 · · Score: 4, Funny

    Without a Linux version, it's obviously the work of Satan.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:Slashdotters would laud this, but... by nmg196 · · Score: 4, Insightful

      I hate it when people say "just port it" just because something is open source - Like every single computer user is capable of writing low level network code for any platform. I suspect that more than 99.9% of people of people who read slashdot would not stand a hope in hell of "porting it".

    2. Re:Slashdotters would laud this, but... by morgan_greywolf · · Score: 4, Funny

      I hate it when people say "just port it" just because something is open source - Like every single computer user is capable of writing low level network code for any platform. I suspect that more than 99.9% of people of people who read slashdot would not stand a hope in hell of "porting it".
      And, yet, at least 50-75% of those (probably much, much more) 99.9% are capable of learning how to do the work. The Linux TCP/IP stack, NIC drivers, etc., are fully open source. There are published specifications, docs, the whole nine yards. Read your RFCs. They're all online.

      Programming C is just not that difficult, especially for anyone who already knows how to code in at least one other language.

      Don't know how to code? There are tons of tutorials, books, and more on the Web, at your library, at your local bookstore and from e-commerce vendors everywhere.

      If you have a brain, and an IQ of at least, say 115 or so, you have no excuse.

      --
      My blog
    3. Re:Slashdotters would laud this, but... by Bill_the_Engineer · · Score: 5, Insightful

      I would like to give the benefit of the doubt to the original poster and interpret his comments this way:

      If there was a ready made package for me to use, I would gladly help the monitoring effort. However, I find the mantra "just port it" not only a reactionary response, but also totally unrealistic.

      Don't know how to code? There are tons of tutorials, books, and more on the Web, at your library, at your local bookstore and from e-commerce vendors everywhere.

      If you have a brain, and an IQ of at least, say 115 or so, you have no excuse.

      I find this totally hilarious and would have modded you funny if I had the points to give. You are a comic genius using the absurd to humorously make a point...

      I mean it's like saying "If you are capable of reading all the books available on construction and building codes, then there is no excuse for you not being able to build your own house."

      Of course I could be wrong and misinterpreted both of your responses, in that case nevermind...

      --
      These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
    4. Re:Slashdotters would laud this, but... by Inner_Child · · Score: 5, Insightful

      If you have a brain, and an IQ of at least, say 115 or so, you have no excuse. Maybe your time is worthless, but I actually have things that I have to do. Learning to code requires time that I (and I'm sure many others) just don't have.
      --
      Today is red jello day - all workers must eat all of their red jello. Failure to comply will result in five demerits.
    5. Re:Slashdotters would laud this, but... by blhack · · Score: 5, Insightful

      If you have a brain, and an IQ of at least, say 115 or so, you have no excuse. Thank you for completely trivializing a skill that some of us spend our entire lives perfecting.

      Seriously, it is this sort of mentality that is killing tech. You DO have to be extremely smart/dedicated to do really low level CS work. You DO have to have a pretty heavy mathematics background to do any really serious code work and it is NOT something that you can "Learn in 7 days" no matter what the books you bought at borders are telling you.
      --
      NewslilySocial News. No lolcats allowed.
  2. RST blocking? by Applekid · · Score: 4, Interesting

    IANANG (I Am Not A Network Guru) but, what harm could happen if, say, all reset packets were just ignored and dropped by the network stack? All the hubbub about figuring out if your ISP is sabotaging you seems less useful than just blocking the shanangans and moving on with your life.

    --
    More Twoson than Cupertino
    1. Re:RST blocking? by cduffy · · Score: 5, Interesting

      Without RST packets, how are you supposed to know if the remote host is legitimately closing the connection?

    2. Re:RST blocking? by Zocalo · · Score: 4, Interesting

      Assuming that you have a device capable of doing so, which I doubt many SoHo router/firewalls are, then there are not too many issues with dropping RST packets, and none of the them are show stoppers. It'll take a little longer before your web browser or whatever can determine that the remote site is genuinely down or otherwise refusing connections but that's about it from the "end-user" point of view. If you have a Linux proxy box however, then IPTables is perfectly capable of doing this for you, and can even do so in a sensible way - ie. just for BitTorrent traffic, just to pick a protocol at random.

      --
      UNIX? They're not even circumcised! Savages!
  3. Network Measurement Tool Detect Reset Packets by HPUXCowboy · · Score: 5, Informative

    I would point out that a tool has existed for years that possessed this capability AND has been available on BOTH Linux (*NIX) and M$ platforms. It's called Wireshark (formerly Ethereal). I will offer the caveat that you had to know a bit about TCP/IP protocol to use this tools but, there it is.

    --
    Unix has always been User Friendly ... it's just very particular who it makes friends with.
    1. Re: Network Measurement Tool Detect Reset Packets by CogDissident · · Score: 4, Interesting

      Well yeah, but having a tool where you can have joe-average download it, press a button, and get all upset at Comcast has much more value.

  4. Not sure what the point is by Moraelin · · Score: 4, Insightful

    I'm not entirely sure what your point is, and if it's supposed to be a good or a bad thing.

    What would happen on a closed proprietary protocol? (E.g., let's imagine that MS had pursued their initial idea of makingt a MS net instead of the Internet, or that AOL/Compuserve/whatever had never gone TCP/IP and managed to win on their own, or that we all were on the French minitel. Or, heck, that each ISP had their own protocol and proprietary browser, and just converted to and from it. At least one did try to convert the graphics like that, and at least one is currently re-encoding movies, so it's not a huge stretch of imagination.)

    Well, then you'd be pretty much in the hands of whoever owns the protocol, i.e., most likely the ISP. If you were on, say, a proprietary AOL network, which works only with proprietary AOL software, and uses AOL's own proprietary protocols, then you're completely at their mercy. If they want to reset your connections, or whatever else, what are you going to do about it?

    Of course, you could reverse-engineer their protocols and patch their programs, which is a hell of a lot more expense and effort than with the open protocols. Except then they could:

    1. Just change the protocol from one version to another, to break your changes. (AOL actually did this for a while to keep breaking MS's attempts of making their Windows Messenger interoperable with AIM.)

    2. Sue you under DMCA for hacking into their network and bypassing their checks. (Seriously, much smaller attempts at reverse-engineering a protocol resulted in DMCA lawsuits.)

    So basically at best you'd have to bet a _lot_ on, well, how sympathetic a judge would be to your view that you have a right to bypass the usage or access restrictions on privately owned servers, to download more than you've bought, and to hack their software to that end. I wouldn't take it as a given.

    So basically open software at least gives you a fighting chance at all. Yes, they can keep modifying their implementation, but so can you. In the closed version, they own the software and the protocol, they can change it, but _you_ can't.

    Open standards even put a limit on how far they can take technique #1 above, because at the end of the day, they still have to remain compatible with a metric buttload of software and hardware that they don't control. In the all proprietary version, if they want to change the protocol and software _completely_, and leave the old channel open just for downloading the new software, they can.

    --
    A polar bear is a cartesian bear after a coordinate transform.