From: sawar <sawar@interia.pl>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] How to fight with encrypted p2p
Date: Mon, 12 Nov 2007 11:17:13 +0000 [thread overview]
Message-ID: <200711121217.13406.sawar@interia.pl> (raw)
In-Reply-To: <20071112015107.4ECBBEB2BB@f05.poczta.interia.pl>
Rtorrent which I use sometimes have ability to completely disable plain text
communication :
man rtorrent
allow_incoming (allow incoming encrypted connections),
try_outgoing (use encryption for outgoing connections), require (disable
unencrypted handshakes), require_RC4 (also disable plaintext
transmission after the initial encrypted handshake), enable_retry (if the
initial outgoing connection fails, retry with encryption turned on if it was
off or off if it was on), prefer_plain text (choose plaintext when peer
offers a choice between plaintext transmission and RC4 encryption, otherwise
RC4 will be used).
and many other clients have similar abilities.
I'm afraid that full encrypted and enabled by default communication is only a
matter of time and we will lose this "fight" very soon.
> Some clients P2P clients are nice about there encryption and negotiate
> encryption ahead of time using plain communication. I.E. Limewire,
> Azureus. However, some just start TLS and that is all you can see.
>
> Looking at ipp2ps signatures, I don't see anything that leads me to
> believe they track that kind of info.
>
>
>
> David Bierce
>
> On Nov 11, 2007, at 9:48 PM, Mohan Sundaram wrote:
> > sAwAr wrote:
> >> Hi
> >> I believe that whole question is in topic. Is there any way to
> >> recognize ( and then shape ) p2p traffic which is encrypted?
> >> Modern p2p clients have this ability moreover some of them have
> >> this enabled by default. Now I'm using ipp2p for iptables but as I
> >> know this doesn't recognize encrypted traffic.
> >> Thanks in advance.
> >> Pozdrawiam
> >> Szymon Turkiewicz
> >
> > Have not tried this. An idea. P2P initiations are not encrypted
> > AFAIK. Thus connections can be marked and related traffic shaped. If
> > initiation is also encrypted, then I think we have a serious problem.
> >
> > Mohan
> > _______________________________________________
> > LARTC mailing list
> > LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
next prev parent reply other threads:[~2007-11-12 11:17 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-11-12 1:51 [LARTC] How to fight with encrypted p2p sAwAr
2007-11-12 3:55 ` Mohan Sundaram
2007-11-12 7:02 ` David Bierce
2007-11-12 11:17 ` sawar [this message]
2007-11-13 11:58 ` Marcin Stanczyk
2007-11-13 15:09 ` Grant Taylor
2007-11-13 15:37 ` Carl-Daniel Hailfinger
2007-11-13 15:53 ` Grant Taylor
2007-11-13 16:32 ` Marco Aurelio
2007-11-14 9:42 ` Klaus
2007-11-14 14:32 ` Sébastien CRAMATTE
2007-11-14 14:44 ` Sébastien CRAMATTE
2007-12-02 11:42 ` Andrew Beverley
2007-12-03 10:49 ` Gustin Johnson
2007-12-03 19:33 ` Andrew Beverley
2007-12-10 13:37 ` the sew
2007-12-10 14:09 ` Mario Antonio Garcia
2007-12-10 14:28 ` the sew
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200711121217.13406.sawar@interia.pl \
--to=sawar@interia.pl \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.