redhatcat.blogspot.com — If you are tired of Sandvine screwing with your BitTorrent and a user of GNU/Linux, then this is for you. I will tell you how to take your bandwidth back. If you are using a Red Hat Linux derivative, such as Fedora Core or CentOS, then you will want to edit /etc/sysconfig/iptables.
Sep 5, 2007 View in Crawl 4
rootstyleSep 6, 2007
Do you understand what deep packet inspection is? They dont decrypt the traffic, they look for traffic patterns. I.E. heuristic analysis. The product is called P-Cube, its a company CIsco bought. Don't flame when you are just being ignorant. Some ISPs have already put it into place, and encryption doesn't fix it (although it may help throw it off a bit). These are just cost saving measures, thats the unfortunate bottom line.
mxxconSep 6, 2007
figure out how to use wireshark or any other network sniffer and post traffic dump showing that Cox is doing the same other.
hewbieSep 6, 2007
just cancel yer service with them if enough users leave they have to sit/up and take note, hopefully this would send strong message to isp(s) who do this :> we wont be force upon this crap anymore
drawingthesunSep 6, 2007
It Didn't work for me, I use Pipex in the UK and their traffic shaping effect bittorrent over ssh and VPN tunnelsSo if Comcast uses similar tactics (i guess they would do) then your out of luck
kevmasterSep 6, 2007
Another great use of iptables: Block Brute Force Attacks:<a class="user" href="http://digg.com/linux_unix/Ubuntu_Brute_Force_Attacks">http://digg.com/linux_unix/Ubuntu_Brute_Force_Attacks</a>
redhatcatSep 6, 2007
True, despite the comment burying. Comcast does not kill non-Comcast connections. I only know from personal experience.I believe they choose to not do this to avoid lawsuits from other ISPs, as that behavior could be seen as a DoS attack on their customers/networks. That's not to say what they are doing to their customers now is not a DoS attack, but they are less afraid of lawsuits from individuals than other ISPs most likely.
redhatcatSep 6, 2007
I thought about removing the custom chains for simplification. I'll make an edit in a bit. It is probably especially confusing for those using not using a Red Hat-like flavor.
thecubicSep 7, 2007
Legitimate connections are also closed with RST. See (from Wikipedia TCP):[Some host TCP stacks may implement a "half-duplex" close sequence, as Linux or HP-UX do. If such a host actively closes a connection but still has not read all the incoming data the stack already received from the link, this host will send a RST instead of a FIN (Section 4.2.2.13 in RFC 1122).]
funchordsSep 8, 2007
Tests and Results-RSTs are set in both directions<a class="user" href="http://www.dslreports.com/forum/r19036168-Tests-and-ResultsRSTs-are-set-in-both-directions">http://www.dslreports.com/forum/r19036168-Tests-and-ResultsRSTs-are-set-in-both-directions</a>Comcast users should not modify their firewalls to drop RST packets as it is not an effective defense against the injected RST packets.
Closed AccountJan 30, 2008
Easy to say when Comcast is the ONLY ISP in the area.
docsharp76Feb 16, 2008
If you want more bandwidth using Linux, you need to use a reliable T1 internet access provider.<a class="user" href="http://www.1-satellite-tv-facts.com/T1-Internet-Service.html">http://www.1-satellite-tv-facts.com/T1-Internet-Se ...</a>
dertyzJul 13, 2008
I want everyone who has read ANYWHERE that using Linux or Mac IP Tables to drop the forged packets with with the rst flag set won't help solve your peering problems to IGNORE what all the negative nellies are telling you!! I was a windows user on Comcast's network and until yesterday, my seeding capacity was ZERO...period...no seeding unless it was during the initial download. Yesterday I installed Ubuntu, dropped those bad, bad rst packets with the proper command and VOILA! I was seeding like crazy. So, if you wanna stick it to Comcast and everyone else using Sandvine - SWITCH TO LINUX OR MAC AND USE YOUR IP TABLES TO DROP THE FORGED RST PACKETS!!! It will fix your problem because now EVERYONE ELSE IS DROPPING THEIR PACKETS TOO!! So the packets get dropped from both sides and no rst is performed. JUST DO IT!! You'll be glad you did. I'll be happy to send you screen shots of two machines, side by side, one on windows and one on Linux...with the windows machine seeding to no one and the linux machine seeding like crazy. It really works! BELIEVE IT!
tmaiarotoNov 5, 2009
It's not just torrents - let's talk about legitimate usage. For instance I was working from home for a few days migrating a server. I had to transfer a couple thousand files (eh, like 100,000) images. Small. I mean the overall size wasn't much more than a few GB, like say 10gb. But the upload was to a CDN and it was slow because it had to keep sending one file at a time. It wasn't like I was zapping the neighborhood's bandwidth. So my internet dropped. It's not just torrents and it's really a shame. They should monitor the number of addresses you're uploading to. In my legit case, it was many uploads to the SAME IP. Torrents and other P2P is a situation of MANY IPs. So they should really monitor that too in order to come to a conclusion. However, I think it's just wrong in general to do. We pay for the service. Run a 90th percentile scenario if need be and charge for overage...for real heavy users...Maybe. Though I just think their approach is really crap and whatever they use to monitor is written REALLY bad. I'd expect more from a company with so much money.