Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Bittorrent - utorrent

from [Velasquez Venegas Jaime Omar] Network Security [Permanent Link]
Subject: RE: Bittorrent - utorrent
Date: Mon, 12 Mar 2007 11:42:56 -0500 
You may want to check this : 
http://www.allot.com/index.php?option=com_content&task=view&id=369&Itemid=18

Apparently this device and possibly Packeteer are able to detect ssl encyrpted 
bittorrent traffic 

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On 
Behalf Of Erick Jensen
Sent: Viernes, 09 de Marzo de 2007 06:02 p.m.
To: Ove Dalgård Hansen; focus-ids@securityfocus.com
Subject: RE: Bittorrent - utorrent

I would say, this is something that you can't control.  Yes, bit-torrent 
traffic can be encrypted, and it CAN run on 443.  But I switched mine to a 
random port in the 14000 range.  Then I check mark the "encrypted only" box and 
say "good luck Comcast!".  


I think the only effective way of hindering bit-torrent is what some 
universities do.  They limit the bandwidth and allow only burst of full 
bandwidth.  That way they make bit torrent unbearable to use.  So far that's 
the only way to counter the bit-torrent traffic.   

Has anyone else heard of a better way?



-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On 
Behalf Of Ove Dalgård Hansen
Sent: Wednesday, March 07, 2007 1:38 PM
To: focus-ids@securityfocus.com
Subject: Bittorrent - utorrent

Hello Everyone,

I am in a bit of trouble,

On a network where i am configuring IDS - using ASA5510 + SSM module, we try to 
deny access to Bittorrent downloads - it consumes quite a bit of bandwith and 
is not allowed by the company's policy.
We try to filter bittorrent which succedes - but the utorrent changes protocol 
and goes by the SSL port 443 and thereby circumvent the IDS, since its not 
possible to see the encrypted traffic. 

Does anyone out there have a good idea of how i am to solve the issue?


Best Regards

Ove Hansen
IT-Quality A/S
Banemarksvej 50F
Denmark - 2605




------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to 
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
 
to learn more.
------------------------------------------------------------------------


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to 
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
 
to learn more.
------------------------------------------------------------------------



------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to 
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
 
to learn more.
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  OSSEC Version 1.1 is available., Daniel Cid
Next by Date:  RE: Bittorrent - utorrent, dpat
Previous by Thread:  Re: Bittorrent - utorrent, Tremaine Lea
Next by Thread:  Re: Bittorrent - utorrent, Jex
Indexes:  [Date] [Thread] [Top] [All Lists]