Do not use Port 24032 for P2P - Firewalls

This is a discussion on Do not use Port 24032 for P2P - Firewalls ; Hi there. Warning to anyone thinking of using this port for P2P, don't as it is being monitored by a number of ISP's for the purposes of detecting illegal downloaders. .......

+ Reply to Thread
Results 1 to 9 of 9

Thread: Do not use Port 24032 for P2P

  1. Do not use Port 24032 for P2P

    Hi there.
    Warning to anyone thinking of using this port for P2P, don't as it is
    being monitored by a number of ISP's for the purposes of detecting
    illegal downloaders.

    ....

  2. Re: Do not use Port 24032 for P2P

    reticulans@yahoo.co.uk wrote:
    > Warning to anyone thinking of using this port for P2P, don't as it is
    > being monitored by a number of ISP's for the purposes of detecting
    > illegal downloaders.


    Any ISP worth its salt should do packet inspection and traffic analysis
    instead of simple port monitoring.

    Chris

  3. Re: Do not use Port 24032 for P2P

    Am Thu, 23 Oct 2008 14:06:43 +0100 schrieb Chris Davies:

    > reticulans@yahoo.co.uk wrote:
    >> Warning to anyone thinking of using this port for P2P, don't as it is
    >> being monitored by a number of ISP's for the purposes of detecting
    >> illegal downloaders.

    >
    > Any ISP worth its salt should do packet inspection and traffic analysis
    > instead of simple port monitoring.
    >
    > Chris


    if they have to they do (pattern matching)

  4. Re: Do not use Port 24032 for P2P


    X-No-Archive: Yes


    "Chris Davies" wrote in message
    news:3g96t5xfdm.ln2@news.roaima.co.uk...
    > reticulans@yahoo.co.uk wrote:
    >> Warning to anyone thinking of using this port for P2P, don't as it is
    >> being monitored by a number of ISP's for the purposes of detecting
    >> illegal downloaders.

    >
    > Any ISP worth its salt should do packet inspection and traffic analysis
    > instead of simple port monitoring.
    >


    Of course, a good encryption system can defeat traffic analysis.




  5. Re: Do not use Port 24032 for P2P

    Am Thu, 23 Oct 2008 13:56:59 -0700 schrieb Chilly8:

    > X-No-Archive: Yes
    >
    >
    > "Chris Davies" wrote in message
    > news:3g96t5xfdm.ln2@news.roaima.co.uk...
    >> reticulans@yahoo.co.uk wrote:
    >>> Warning to anyone thinking of using this port for P2P, don't as it is
    >>> being monitored by a number of ISP's for the purposes of detecting
    >>> illegal downloaders.

    >>
    >> Any ISP worth its salt should do packet inspection and traffic analysis
    >> instead of simple port monitoring.
    >>

    >
    > Of course, a good encryption system can defeat traffic analysis.


    yep, thats what the smart people do :-).

  6. Re: Do not use Port 24032 for P2P

    Am Thu, 23 Oct 2008 13:56:59 -0700 schrieb Chilly8:
    > Of course, a good encryption system can defeat traffic analysis.


    Burkhard Ott wrote:
    > yep, thats what the smart people do :-).


    Um, let me see now. Consider a PC making lots of TCP sessions to "random"
    places. There are a lot of other "random" places making TCP connections
    to this PC. The whole lot either self-limits to a relatively arbitrary
    KB/s or else tries to fill up the entire available bandwidth. Encryption
    or not, I'd suggest that this scenario was remarkably consistent with
    a P2P model, regardless of the traffic content.

    Traffic analysis is (partly) about looking for recognisable patterns.
    Chris

  7. Re: Do not use Port 24032 for P2P

    Chris Davies:

    > I'd suggest that this scenario was remarkably consistent with
    > a P2P model, regardless of the traffic content.


    Like Skype VoIP? It uses both encryption and a P2P model of bandwidth
    sharing. So if you block all encrypted traffic with multiple ingress and
    egress points you could be blocking valid Skype traffic along with any
    other valid P2P traffic -- for which there are plenty of legitimate uses.
    q.v. legaltorrents.com plus several OS and software distributions
    including CentOS and OpenOffice.org.

    -Gary

  8. Re: Do not use Port 24032 for P2P

    Chris Davies wrote:
    > I'd suggest that this scenario was remarkably consistent with
    > a P2P model, regardless of the traffic content.


    Gary wrote:
    > Like Skype VoIP? It uses both encryption and a P2P model of bandwidth
    > sharing.


    Yep. It's a P2P protocol.


    > So if you block all encrypted traffic with multiple ingress and
    > egress points you could be blocking valid Skype traffic along with any
    > other valid P2P traffic -- for which there are plenty of legitimate uses.


    Although the original poster cautioned against use of a specific port for
    P2P traffic, the point I originally made was that a savvy ISP should use
    traffic analysis rather than just port monitoring to track P2P traffic.

    If an ISP wants to prohibit/limit/restrict P2P traffic then it is
    entitled to do so (vote with your feet, where applicable). With content
    encryption it becomes harder (impossible?) for an ISP - or any other
    network monitoring body - to differentiate between legitimate traffic
    and illegal traffic.

    Regards,
    Chris

  9. Re: Do not use Port 24032 for P2P


    X-No-Archive: Yes


    "Chris Davies" wrote in message
    news:bht8t5x1k7.ln2@news.roaima.co.uk...
    > Am Thu, 23 Oct 2008 13:56:59 -0700 schrieb Chilly8:
    >> Of course, a good encryption system can defeat traffic analysis.

    >
    > Burkhard Ott wrote:
    >> yep, thats what the smart people do :-).

    >
    > Um, let me see now. Consider a PC making lots of TCP sessions to "random"
    > places. There are a lot of other "random" places making TCP connections
    > to this PC. The whole lot either self-limits to a relatively arbitrary
    > KB/s or else tries to fill up the entire available bandwidth. Encryption
    > or not, I'd suggest that this scenario was remarkably consistent with
    > a P2P model, regardless of the traffic content.
    >


    > Traffic analysis is (partly) about looking for recognisable patterns.
    > Chris


    A public VPN site would defeat pattern matching, since all the
    data packets would appear to all be going to the same place.



+ Reply to Thread