dslreports logo
 story category
Net Neutrality Test
Kaminsky offers free tool at Black Hat
It could be Ed Whitacre's worst nightmare or it might make Mike McCurry eligible for sainthood. ComputerWorld is reporting that security researcher Dan Kaminsky has developed a way to test for network neutrality. A former security specialist for Cisco and Avaya, Kaminsky will present the technique at the Black Hat USA security conference in Las Vegas. Kaminsky calls his technique "TCP-based active probing for faults." Similar to traceroute, the tool goes a step further, making traffic appear as if it is coming from a particular carrier or is being used for a certain type of application. This will allow users to ascertain if providers are treating some network traffic as second-class. Results are slated to be posted at Doxpara Research.
view:
topics flat nest 
amungus
Premium Member
join:2004-11-26
America

amungus

Premium Member

haha

All I can do is laugh. This could get interesting if this tool does any good.

Score 1 for Mike.
shashinka9
join:2000-09-16
West Boylston, MA

shashinka9

Member

Re: haha

I agree, this is a great tool to stick it to da man!

h4x0r3d
Premium Member
join:2003-04-13
Oxford, MS

h4x0r3d

Premium Member

Re: haha

I second that

peter_m
Premium Member
join:2005-07-13
Canada, QC

peter_m

Premium Member

Re: haha

I third that!
72276539 (banned)
join:2001-01-19
Atlanta, GA

72276539 (banned) to shashinka9

Member

to shashinka9
said by shashinka9:

I agree, this is a great tool to stick it to da man!
How about finding out the truth without predetermined thoughts?
shashinka9
join:2000-09-16
West Boylston, MA

shashinka9

Member

Re: haha

So having a tool to check is bad? Not sure I understand where you are coming from.
72276539 (banned)
join:2001-01-19
Atlanta, GA

72276539 (banned)

Member

Re: haha

said by shashinka9:

So having a tool to check is bad? Not sure I understand where you are coming from.
Nowhere did I say having a tool to check is bad but you are already going into it with an assumption of the outcome. That will taint your results leaving whatever you manage to come up with null and void.

Dennis
Mod
join:2001-01-26
Algonquin, IL

Dennis

Mod

Cool but doesn't sound revolutionary to me

Sounds like it's just a modified port scanner...

vpoko
Premium Member
join:2003-07-03
Boston, MA

vpoko

Premium Member

Re: Cool but doesn't sound revolutionary to me

said by Dennis:

Sounds like it's just a modified port scanner...
Modified is the key word here. Port scanners don't have the ability to impersonate other protocols (a port scanner can send a packet to port 80, but it's not going to be an HTTP packet). This tool also seems to have some spoofing capabilities, though I'm not sure how that would work. We'll see...

Dennis
Mod
join:2001-01-26
Algonquin, IL

Dennis

Mod

Re: Cool but doesn't sound revolutionary to me

yeah but is it really trying to do that, or just trying to find out if an ACL was blocking that port.

vpoko
Premium Member
join:2003-07-03
Boston, MA

vpoko

Premium Member

Re: Cool but doesn't sound revolutionary to me

The article only says "...or is being used for a certain type of application." That could be taken to mean by port number or by the packet signature. I'm guessing (though I don't know) that he meant the latter, since otherwise it would just be a port scanner like you said and hardly news. But we shall see.

RadioDoc

join:2000-05-11
La Grange, IL

RadioDoc to Dennis

to Dennis
Not terribly revolutionary at all. Pingplotter has similar options and has had them for awhile now:



Dennis
Mod
join:2001-01-26
Algonquin, IL

Dennis

Mod

I've been looking to get my hands on this, it's something I'd really like to see.

My guess is, after some thought, it's a traceroute/port scanner hybrid that uses some pre defined filters to test common applications. That's the only way you'd increase performance enough to make it functional. Then it could determine the location of the ACL filter as well.

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

FFH5

Premium Member

Just more useless internet traffic

Just what the internet needs - hundreds of thousands of pseudo regulators generating useless overhead on the internet trying to prove that no discrimination is going on.

--
Join Red Room Forum
BLOG tkjunkmail.blogspot.com
My Web Page
grandpinaple8
join:2006-01-03
New York, NY

grandpinaple8

Member

Re: Just more useless internet traffic

That is partially correct TK it depends on exactly how net neutrality and this tool will work. It is too early to make a judgement.
pabster
join:2001-12-09
Waterloo, IA

1 recommendation

pabster to FFH5

Member

to FFH5
Is that you, Ed?

vpoko
Premium Member
join:2003-07-03
Boston, MA

1 edit

1 recommendation

vpoko to FFH5

Premium Member

to FFH5
Seems like an educated consumer is important to a healthy marketplace.

And you can blame the AT&T's of the world for starting this arms race with their suggestion of a "better busines model" for the internet.

firephoto
Truth and reality matters
Premium Member
join:2003-03-18
Brewster, WA

firephoto to FFH5

Premium Member

to FFH5
Yes, we should only be allowed to have internet traffic that is related to politics or or stock market data... or wait, that wouldn't work because that truly is useless traffic. Think of the bandwidth that could be saved if all political internet traffic was outlawed!

guitarzan
Premium Member
join:2004-05-04
Skytop, PA

guitarzan to FFH5

Premium Member

to FFH5
said by FFH5:

Just what the internet needs - hundreds of thousands of pseudo regulators generating useless overhead on the internet trying to prove that no discrimination is going on.

--
Join Red Room Forum
BLOG tkjunkmail.blogspot.com
My Web Page

Come on, TK, with a such a tool.

Give us the honorary command.

Gentlemen, start your Dumptrucks

insomniac84
join:2002-01-03
Schererville, IN

insomniac84 to FFH5

Member

to FFH5
It's kinda like the everything is ok alarm. All that extra traffic will flood the internet unless everything is not ok.
Mutiny32
Network Security Engineer
join:2000-07-04
Lees Summit, MO

Mutiny32 to FFH5

Member

to FFH5
Yeah, just like those pesky checks and balances going on in the US government. Things would just go faster if it went straight through the president for signing, no congress.
BIGHUSKER3
join:2002-01-20
Minneapolis, MN

BIGHUSKER3 to FFH5

Member

to FFH5
said by FFH5:

Just what the internet needs - hundreds of thousands of pseudo regulators generating useless overhead on the internet trying to prove that no discrimination is going on.

--
Join Red Room Forum
BLOG tkjunkmail.blogspot.com
My Web Page

"Hundreds of thousands" of people using this tool simultaneously is laughable. Almost as laughable as the fact that you think it would have any noticable effect.

gatorkram
Need for Speed
Premium Member
join:2002-07-22
Winterville, NC

gatorkram

Premium Member

voip / bittorrent

I'd be more interested in being able to test voip packets, or bittorrent and other such things that some isps might have an interest in trying to block, or otherwise degrade performance. It seems to me like this app might do the trick. I'm not so sure its a new and unique idea though.
rgoltsch
Premium Member
join:2001-03-04
Bradenton, FL

rgoltsch

Premium Member

Re: voip / bittorrent

Now I'm just waiting for the latest update to my TOS at Verizon stating that using a tool that disguises packets is not allowed.......OK, I'm just a little cynical

Ron

avantare
Go Tribe
join:2000-02-16
Rome, GA

avantare

Member

Re: voip / bittorrent

How could they tell? And what are they trying to hide then?

Chuck

insomniac84
join:2002-01-03
Schererville, IN

insomniac84 to gatorkram

Member

to gatorkram
To test voip: »www.testyourvoip.com/

MacLeech
The one and only
Premium Member
join:2001-07-14
SoCal

1 edit

MacLeech

Premium Member

Tool looks for "2nd class", but will it detect "FedEx"

Right now pretty much all the traffic on the internet is "best effort".

Everybody concerned about "net neutrality" is moaning that a 2-tier system means somebody's data traffic will be demoted to "2nd class" traffic....

What if everybody's traffic is already "2nd class" because it's "best effort" and the "second tier" will be a higher priority "FedEx class"?

Will this app detect that?

Orwell1984
@rr.com

Orwell1984

Anon

Re: Tool looks for "2nd class", but will it detect "FedEx"

If all traffic is already 2nd class then some will become 3rd class. All of the rhetoric I hear from telecom companies makes it sound as if there are already two networks. Build the next gen network first then try to sell space on it. If the new infrastructure is not in place yet how will they prioritize any traffic without degrading the rest? It also seems to me that the most urgent need for this expensive upgrade is the Telcos who desire to become cable TV operators. All of my broadband intensive apps work just fine on the current internet.
Your comparison to next day shippers might be apt. I have watched through tracking numbers both major shippers delay a package shipped 3day in a warehouse so it didn't arrive the next day. Wouldn't want to give someone service they didn't pay for, even if it costs more to delay it.

RARPSL
join:1999-12-08
Suffern, NY

RARPSL

Member

Re: Tool looks for "2nd class", but will it detect "FedEx"

said by Orwell1984 :

Your comparison to next day shippers might be apt. I have watched through tracking numbers both major shippers delay a package shipped 3day in a warehouse so it didn't arrive the next day. Wouldn't want to give someone service they didn't pay for, even if it costs more to delay it.
I've had the same thing happen to me due to deliberate misrouting. I used to order from a company in Southern New Jersey. The package was placed on a truck, driven to Newark Airport, placed on a plane and flown to the Express Company's hub, placed on another plane back to Newark, placed on a truck and driven to me at my Northern NJ UPS Store. The two flights added an extra day to the delivery time (as opposed to just moving it from an incoming to outgoing truck instead of routed it to the hub only to return it to where it was sent to the hub from).

Then there is UPS Ground which, by their own web site's delivery schedule, states that they pull all their trucks off the road and park them at 11:59PM Friday and only start to drive them again at 12:01AM Monday Morning. This is the only explanation I can think of why a package that is shipped on Monday gets delivered on Friday but one shipped on Thursday gets delivered on Wednesday (ie: Any shipment that has the package in transit over a weekend gets delivered 2 days later than one that does not involve a weekend).

envoid
join:2002-12-21
Duluth, GA

envoid to MacLeech

Member

to MacLeech
said by MacLeech:

Right now pretty much all the traffic on the internet is "best effort".

Everybody concerned about "net neutrality" is moaning that a 2-tier system means somebody's data traffic will be demoted to "2nd class" traffic....

What if everybody's traffic is already "2nd class" because it's "best effort" and the "second tier" will be a higher priority "FedEx class"?
When things actually work with the best-effort policy, what is the point of having a "priority" tier and having to pay more for it? It's like saying they're the damn US Postal Service, and they're nothing close. And to the extreme, it can be akin to saying African Americans or even non-Christians are 2nd class citizens. A priority tier would undermine the ground/main reason of the Internet.

Net-Neutrality is being pushed so anyone and everyone with or without money can have the same access to information and what-not that is out on the Internet. The rate you receive it depends on the width of the pipe from your home to your ISP, not some dumbass CEO who thinks he knows what is good for the world (lining his and his shareholders' pockets).

I honestly have to wonder how people can believe Whitacre's bullsh!t and that net-neutrality is nonsense. How can someone believe neutrality is not a good thing? Honestly, I want to know the reasons behind peoples belief of this.

MacLeech
The one and only
Premium Member
join:2001-07-14
SoCal

MacLeech

Premium Member

Re: Tool looks for "2nd class", but will it detect "FedEx"

Right now everything is "best effort".

My gaming gets the same priority as...
Orwell's 911 VoIP calls on Vonage, which get the same priority as...
Joe Shmoe's porn surfing, which get the same priority as...
Jane Smith's VPN connection to work, which get the same priority as...
envoid's P2P downloads, which get the same priority as....
Jack Black's connection to an IPTV server dealing out his latest movie. 

Yeah I'm sure all of those are equally important, have the same performance requirements, and there isn't ANY desire by the people or companies involved to have connections that are more consistent, have less latency or jitter in a route, and/or just a better guarantee then "best effort"
It's ok though, the net is neutral, they'll all get there eventually...

•••••••

AnonProxy
Premium Member
join:2001-05-12

AnonProxy

Premium Member

He will end up in jail on this one

Once people start using this stuff for hacking and spoofing from addresses and "attacks" he'll be done.

Not to mention that if you are saying that you are coming from an address that you are not, that's a fderal rap ala many and various sundry laws with regards to wire use.
Ahrenl
join:2004-10-26
North Andover, MA

Ahrenl

Member

Re: He will end up in jail on this one

Yeah, he'll end up in jail with all the gun manufacturer's and GM executives... We need a stupidest thing said in a thread award pic.. anyone got one? We can award them at the end of the day, and maybe get the moderators to attach a tally to each ID, so we can get a rough retard meter going..

KrK
Heavy Artillery For The Little Guy
Premium Member
join:2000-01-17
Tulsa, OK
Netgear WNDR3700v2
Zoom 5341J

KrK

Premium Member

Nice.... They play games, and this renders the game moot

This could make the whole debate moot. Sounds to me that if certain providers did try and use QOS to get bribes for "premium traffic" while regulating the traffic of those who don't pay extra to lower speeds, this type of tool suggests you could "fake" your traffic to always be given high priority irregardless.

Making it moot. Well of course, until they pass a law that declares such behavior to be "terrorist" activity.

••••

batterup
I Can Not Tell A Lie.
Premium Member
join:2003-02-06
Netcong, NJ

batterup

Premium Member

Idiot in idiot out.

This will help as much a firewall logs. How many idiots look at firewall logs and call to complain about every port scan or ping request.