Outline ·
[ Standard ] ·
Linear+
YouTube Deep Packet Inspection, All HTTP connections being MITMed
|
Blast_Cyrus
|
 May 2 2013, 01:49 AM
|
|
QUOTE(raptar_eric @ May 2 2013, 01:45 AM) bro you got me wrong.. they CAN tell even on dynamic IP.. we end users do not know or do not have the "power" or ability to do it, but ISP level confirm can.. look at singapore, how do you think they can filter those downloading pirated animes and fine them, even they are on dynamic IP? in the Internet, nothing is temporary, everything is PERMANENT... traces are everywhere, caches are everywhere... google alone is like the world... anyway shouldnt explain so much or say so much, later dont know what happen  Yea, it very easy for them to see on their level not ours. Dynamic Routing that I am referring to is the ISP level router. Ordinary traceroute will literally useless, and like u said using transparent proxy or any transparent security device will be able to do this easily |
|
|
|
|
|
raptar_eric
|
May 2 2013, 01:52 AM
|
|
|
they do not really use dynamic IP for their devices at such high level of the network.. most of their addresses are normally NAT address, which are directed to the firewall port... destination IP is the firewall IP, NAT to their internal device be it DNS server, any filtering appliance, etc.
|
|
|
|
|
|
Shah_Etd
|
May 2 2013, 01:53 AM
|
Getting Started
|
try reading on common ISP/network security policy and standards , router logs capability etc... if you want to know better.
as for the video, i can't play it on browser but my downloader could detect it after few minutes...
This post has been edited by Shah_Etd: May 2 2013, 01:59 AM
|
|
|
|
|
|
Blast_Cyrus
|
May 2 2013, 02:08 AM
|
|
|
Backbone wise is probably Static IP connecting to the border but the routing in between is confirmed to by dynamic hop so that there's no single point of failure and also possibility of security devices performing all sort of filtering.
Le sigh and dissapointed with all these..
|
|
|
|
|
|
akagidemon
|
May 2 2013, 02:08 AM
|
|
|
umobile can view the videos.
|
|
|
|
|
|
johnlth93
|
May 2 2013, 02:08 AM
|
|
|
hmm China-style perhaps? M-GFW  |
|
|
|
|
|
frequency
|
May 2 2013, 02:09 AM
|
|
|
using maxis..cant view the video as well
|
|
|
|
|
|
IwanAGP
|
May 2 2013, 02:13 AM
|
|
|
http://www.youtube.com/watch?v=hHTz22bTBRwI can actually get this video to load on my UniFi VIP 5 after leaving the tab there for a couple of min. Sound just come out suddenly and I finished whole video. Not network enthusiast here, I'm not even using Google DNS  But it loads only after a few mins. Anyone can try?
|
|
|
|
|
|
IwanAGP
|
May 2 2013, 02:16 AM
|
|
|
http://www.youtube.com/watch?v=uVWxB4AWOxcConfirmed with this video. It just starts loading after around 2 mins of leaving it idle. What's wrong? Failed!!!
|
|
|
|
|
|
kurangak
|
May 2 2013, 02:23 AM
|
|
|
p1 can play both vid...blocked only by tmnet?
|
|
|
|
|
|
xDragonZ
|
May 2 2013, 02:26 AM
|
|
|
QUOTE(IwanAGP @ May 2 2013, 02:16 AM) http://www.youtube.com/watch?v=uVWxB4AWOxcConfirmed with this video. It just starts loading after around 2 mins of leaving it idle. What's wrong? Failed!!! Tried load with Streamyx (with Google DNS), won't load at all and try with VPN and it loads well.  edit: tested to load non https facebook politic page also cannot load. This post has been edited by xDragonZ: May 2 2013, 02:56 AM |
|
|
|
|
|
andrew9292
|
May 2 2013, 02:30 AM
|
|
|
QUOTE(IwanAGP @ May 2 2013, 02:16 AM) http://www.youtube.com/watch?v=uVWxB4AWOxcConfirmed with this video. It just starts loading after around 2 mins of leaving it idle. What's wrong? Failed!!! hah! kantoi... another one... cant load at all.. basic crowd will refresh/close vid after 30secs of waiting. hence, can say this video is affectively unavailable. |
|
|
|
|
|
andrew9292
|
May 2 2013, 02:41 AM
|
|
|
QUOTE(rizvanrp @ May 1 2013, 04:00 AM) UPDATE :I performed a simultaneous packet capture on both my client + remote server while encapsulating the HTTP connection via plaintext SOCKS. All the video payload packets were dropped en route back to my SOCKS client : Dafuq? UPDATE 2 :Confirming all plaintext HTTP connections on Unifi (and maybe Celcom + Maxis) are being man-in-the-middle'd and dropped if they contain blacklisted data. UPDATE 3 :Other sources confirming this .. (thanks wkkay): https://plus.google.com/1013966581485225280...sts/ak6opfbDxwa Just for debunking purposes bro, could these be anti-DDoS/trafic control methods assuming that the accessed media is high in demand, is it? Or is it pure MITM that only serves the purpose of a blockade? This post has been edited by andrew9292: May 2 2013, 02:41 AM |
|
|
|
|
|
xDragonZ
|
May 2 2013, 03:12 AM
|
|
|
QUOTE(andrew9292 @ May 2 2013, 02:41 AM) Just for debunking purposes bro, could these be anti-DDoS/trafic control methods assuming that the accessed media is high in demand, is it? Or is it pure MITM that only serves the purpose of a blockade? There's some others media is higher demand than the politic video and loads fine. |
|
|
|
|
|
yclian
|
May 2 2013, 03:18 AM
|
Getting Started
|
QUOTE(andrew9292 @ May 2 2013, 03:41 AM) Just for debunking purposes bro, could these be anti-DDoS/trafic control methods assuming that the accessed media is high in demand, is it? Or is it pure MITM that only serves the purpose of a blockade? Not aware that they blocked PSY's MTV. |
|
|
|
|
|
andrew9292
|
May 2 2013, 03:59 AM
|
|
|
QUOTE(xDragonZ @ May 2 2013, 03:12 AM) There's some others media is higher demand than the politic video and loads fine. QUOTE(yclian @ May 2 2013, 03:18 AM) Not aware that they blocked PSY's MTV. Thats my logic too...  But better for sifu to confirm mar, to protect his intrest, our interest and everyone's interest 'justice/claim'. Manatau later BN spin spin say our dear ISP put those measure in place cuz of DDoS for 'fair interest'... u know la, the usual crap... |
|
|
|
|
|
Meek
|
May 2 2013, 04:54 AM
|
Getting Started
|
Completely unrelated, but since 5 minutes ago I'm getting "Lowyat forum is busy blablabla" every few clicks. Everything else works fine, downloading and uploading as usual.
What are the odds Lowyat server is that busy at almost 5am in Malaysia?
|
|
|
|
|
|
KVReninem
|
May 2 2013, 04:58 AM
|
|
|
QUOTE(Meek @ May 2 2013, 07:54 AM) Completely unrelated, but since 5 minutes ago I'm getting "Lowyat forum is busy blablabla" every few clicks. Everything else works fine, downloading and uploading as usual. What are the odds Lowyat server is that busy at almost 5am in Malaysia? nope. ddos firing.  need advance server to fire back the line coming. if someone could just hijack those firing and divert back to where the source, it will be awesome. This post has been edited by KVReninem: May 2 2013, 05:00 AM |
|
|
|
|
|
SUSzaini900
|
May 2 2013, 05:03 AM
|
New Member
|
i'm unifi user. all links can be open.
|
|
|
|
|
|
chonggs
|
May 2 2013, 05:09 AM
|
New Member
|
Just a confirmation from Penang, using Streamyx 4Mbps. Both the videos below only shows first frame and no more. http://www.youtube.com/watch?v=hHTz22bTBRwhttp://www.youtube.com/watch?v=uVWxB4AWOxcHowever when using a proxy, e.g. http://www.proxfree.com/youtube-proxy.php both videos load fine! As for Facebook pages, the ones mentioned by doiwl above takes a long time to load or mostly fail to load totally: http://www.facebook.com/DAPMalaysia (421k) http://www.facebook.com/supportprdap (357k Likes) http://www.facebook.com/wewantochange (138k) http://www.facebook.com/zzkuaixun (137k Likes) http://www.facebook.com/DAPMalaysia.zh (97k) However, when I changed http:// to https:// all the pages load immediately! This is TOO MUCH!! Edit: I believe they tried to make users assume that it's Youtube's problem when the video hangs after the first frame. Kudos to OP for digging out the truth! This post has been edited by chonggs: May 2 2013, 05:14 AM |
|
|
|
|
Quote
0.0255sec
0.39
5 queries
GZIP Disabled