
 YouTube Deep Packet Inspection, All HTTP connections being MITMed

raptar_eric
post May 2 2013, 01:20 AM

Live life to the fullest!
******
Senior Member
1,352 posts

Joined: Jan 2006
From: Kuala Lumpur



even on HTTPS traffic, they can actually filter and block the traffic.. some say SSL/443 can only filter by IP and specific hostname, but no, they can do more in-depth filtering like DLP filtering (data loss prevention) which uses certain keywords as well as criteria...

they could easily forge up a recognized CA cert and put it in their core, and traffic going through would not prompt any cert unrecognized, etc.

all the video titles, video keywords and comments can be filtered on HTTPS, UNLESS the videos do not have any related information so that filtering can't be done.. they can actually do video filtering also, but i don't think our ISP is at that level yet... some solutions like actiance (facetime) can do video filtering based on speech recognition algorithms..
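Added example, not part of any post in this thread: one way to check for the certificate re-signing described above is to compare the leaf certificate each site presents on the suspect connection against fingerprints recorded over a path you trust. All function names, hostnames and sample bytes are hypothetical and constructed for illustration; the "all compared hosts differ" rule is an assumed heuristic, not proof of interception.

```python
import hashlib
import ssl

def cert_fingerprint(der: bytes) -> str:
    """SHA-256 over the DER-encoded leaf certificate."""
    return hashlib.sha256(der).hexdigest()

def fetch_leaf_der(host: str, port: int = 443) -> bytes:
    """Leaf certificate as presented on THIS network path (needs network).
    No CA validation on purpose: we record whatever is served, trusted or not."""
    pem = ssl.get_server_certificate((host, port))
    return ssl.PEM_cert_to_DER_cert(pem)

def compare_paths(reference: dict, observed: dict) -> dict:
    """Both arguments map hostname -> DER bytes. Returns hostname -> verdict."""
    verdicts = {}
    for host, der in observed.items():
        ref = reference.get(host)
        if ref is None:
            verdicts[host] = "no-reference"
        elif cert_fingerprint(ref) == cert_fingerprint(der):
            verdicts[host] = "match"
        else:
            verdicts[host] = "mismatch"
    return verdicts

def interception_suspected(verdicts: dict, min_hosts: int = 2) -> bool:
    """Assumed heuristic: a box that re-signs TLS changes the certificate of
    every host behind it, while a single mismatch is more likely ordinary
    certificate rotation or a different CDN node."""
    compared = [h for h, v in verdicts.items() if v != "no-reference"]
    mismatched = [h for h in compared if verdicts[h] == "mismatch"]
    return len(compared) >= min_hosts and len(mismatched) == len(compared)

# Constructed stand-ins for DER bytes so the logic runs offline; in real use
# REFERENCE comes from fetch_leaf_der() on a trusted path and the OBSERVED_*
# maps from fetch_leaf_der() on the connection being checked.
REFERENCE = {"video.example": b"cert-A", "mail.example": b"cert-B"}
OBSERVED_RESIGNED = {"video.example": b"resigned-A", "mail.example": b"resigned-B"}
OBSERVED_ROTATED = {"video.example": b"cert-A2", "mail.example": b"cert-B"}

if __name__ == "__main__":
    for name, obs in (("resigned", OBSERVED_RESIGNED), ("rotated", OBSERVED_ROTATED)):
        v = compare_paths(REFERENCE, obs)
        print(name, v, "suspected:", interception_suspected(v))
```

A mismatch on every host is a reason to inspect the issuer of the served certificates by hand; it does not by itself identify who re-signed them.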
raptar_eric
post May 2 2013, 01:38 AM




QUOTE(andrew9292 @ May 2 2013, 01:27 AM)
Question is, is it possible for us to find out if there is a system in place that logs down the IP address or the details of those who are accessing such online media? Can we find out if there is a classification system in place that would link such access to our internet accounts by which we register our Name as per IC Number? Eg, getting the IP address or MAC address of the system and tracing it back to its manufacturer and model so we know roughly what and how it is being done? If there are such things and if they get into the wrong hands, assuming they are not already in the wrong hands, the consequences of it are just....
*
not really bro... all these devices/appliances are placed at the top of the network hierarchy, not at the bottom... the ISP can easily trace our IP, even if we are on dynamic IP, back to who is viewing, etc. all our information is registered to unifi/digi n bla bla bla...

even if you run a traceroute, how do you know which IP or which hop is the main device? and most of these devices do not honor ICMP nor any traceroute... they normally block it to deny any DDoS attack on it... being at the ISP level, they have sufficient budget and also knowledge to secure their network, unless any attack is being done by using very low-level attacks... maybe anonymous can do it lol

adding on, most of these devices are running in transparent mode, just like a transparent proxy, where no physical IP nor virtual IP is needed.. data just passes through, and filtering is done...

This post has been edited by raptar_eric: May 2 2013, 01:38 AM
raptar_eric
post May 2 2013, 01:45 AM




bro you got me wrong.. they CAN tell even on dynamic IP.. we end users do not know or do not have the "power" or ability to do it, but ISP level confirm can.. look at singapore, how do you think they can filter those downloading pirated anime and fine them, even if they are on dynamic IP? in the Internet, nothing is temporary, everything is PERMANENT... traces are everywhere, caches are everywhere... google alone is like the world...

anyway shouldn't explain so much or say so much, later don't know what happen

This post has been edited by raptar_eric: May 2 2013, 01:45 AM
raptar_eric
post May 2 2013, 01:48 AM




QUOTE(andrew9292 @ May 2 2013, 01:44 AM)
Okay... Thanks for the information! Hope riz or someone can dig out more if it's possible. But personal safety recommended first of course...
*
at this point of time, what i can think of, is a client side VPN is the best solution
raptar_eric
post May 2 2013, 01:52 AM




they do not really use dynamic IP for their devices at such high level of the network.. most of their addresses are normally NAT address, which are directed to the firewall port... destination IP is the firewall IP, NAT to their internal device be it DNS server, any filtering appliance, etc.

 
