North American Network Operators Group

Re: P2P Darknets to eclipse bandwidth management?
Florian Weimer wrote:
> * Stephen J. Wilcox:
>
>> packet inspection will just evolve, that's the nature of this
>> problem.. there are things you can find out from encrypted flows -
>> what the endpoints and ports are, who the CA is. then you can look
>> at the characteristics of the data.
>
> These protocols typically don't use a PKI. You could look at public
> keys, but you don't even have to distribute them in-band.
>
> What you can do is look at packet sizes and do timing analysis on
> incoming and outgoing packets to a particular host. For example, it
> is possible to use such techniques to detect an interactive SSH
> connection to a particular host on your network which is used by an
> attacker to control an SSH client which connects to some other host.
> I don't know how this scales to tens of thousands of hosts, though.
>
> Apart from that, I do not really understand the concept of "bandwidth
> management". Isn't this just a euphemism for "content
> management", to avoid the ugly "c" word?

In my complete ignorance, I would think that this is part of it
certainly, but would be mostly QoS issues.
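The packet-size and timing analysis described in the quoted text, sketched as a flow-metadata heuristic. This is an added example, not part of any post in the thread; the function names, thresholds and sample packets are all assumptions constructed for illustration.

```python
from bisect import bisect_right

def is_interactive(pkts, max_size=128, min_gap=0.03, max_gap=2.0, threshold=0.7):
    """Flag a flow whose packets are mostly small and spaced at typing speed.

    pkts: list of (timestamp_seconds, payload_bytes) for one direction.
    All thresholds are illustrative assumptions, not tuned values.
    """
    if len(pkts) < 5:
        return False  # too little data to judge
    small = sum(1 for _, size in pkts if size <= max_size) / len(pkts)
    gaps = [b[0] - a[0] for a, b in zip(pkts, pkts[1:])]
    human = sum(1 for g in gaps if min_gap <= g <= max_gap) / len(gaps)
    return small >= threshold and human >= threshold

def relay_score(inbound, outbound, max_delay=0.1):
    """Fraction of inbound packets followed by an outbound packet within
    max_delay seconds. A high score between an inbound and an outbound
    interactive flow on the same host suggests one is relaying the other."""
    out_ts = sorted(ts for ts, _ in outbound)
    hits = 0
    for ts, _ in inbound:
        i = bisect_right(out_ts, ts)  # first outbound packet after ts
        if i < len(out_ts) and out_ts[i] <= ts + max_delay:
            hits += 1
    return hits / len(inbound) if inbound else 0.0

# Constructed sample flows (no payload is inspected, only size and time).
KEYSTROKES = [(t, 48) for t in (0.0, 0.21, 0.47, 0.62, 0.95, 1.30, 1.48, 1.90)]
RELAYED = [(t + 0.012, 48) for t, _ in KEYSTROKES]    # forwarded 12 ms later
UNRELATED = [(t, 48) for t in (0.15, 0.40, 0.80, 1.10, 1.70, 2.20, 2.60, 3.00)]
BULK = [(i * 0.001, 1448) for i in range(20)]         # full-size transfer

if __name__ == "__main__":
    for name, flow in [("keystrokes", KEYSTROKES), ("bulk", BULK)]:
        print(name, "interactive:", is_interactive(flow))
    print("relay score, relayed:  ", relay_score(KEYSTROKES, RELAYED))
    print("relay score, unrelated:", relay_score(KEYSTROKES, UNRELATED))
```

The pairwise comparison in `relay_score` grows with the number of candidate flow pairs per host, which is the scaling question the quoted text leaves open.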