So I was really fed up of the lies thrown at me by Streamyx call center (VADS), but the last straw came when TM tech support themselves lied to me about blocking my traffic, so I have no choice but to get proof. This is how I did it:

1) Download Ethereal Network Analyzer

2) Install Ethereal along with the WinPcap driver that comes with it.
2a) Alternatively you can download the latest version of WinPcap instead of using the one packaged in Ethereal

3) Run Ethereal


4) Click to configure snooping



5) Configure the interface, which port you want to monitor, protocols, yada yada



6) After you've started capturing, remember to stop.




7) This is roughly what things will look like after you are done. If you are sniffing your BT traffic Look for the RST packet (as described in this thread.



What it actually means is that the client (you being the host) has acknowledged your request to reset the connection. However, if you check your entire TCP stream you will find that you have NOT sent out a RST packet. Meaning Streamyx screwed you.


Alternatively, if you are having problem with non-BT connection (perhaps you are downloading ahems from IRC), like how I am facing very slow traffic with my paid NNTP news service, you see this:


This proves that somehow part of your TCP sequence (usually the binary part) has been dropped by someone, so your entire sequence cannot be used by the application and has to be requested again. In short, you're still screwed by streamyx.

When I used a friend's streamyx account to log in(this dude has much lower traffic than I do), all these errors miraculously dissappeared and I am getting full speed.

I have decided to documented my findings because 2 days back after I made a complaint to Streamyx to escalate my case to level 2, someone from TM Technical Support said "international traffic is not our problem", and decided to close my case. He even challenged me to go to the SS13 TM office to prove my case, which I will do tomorrow, along with my documentations. I made another follow-up call to Streamyx today to inform them my findings, and viola, miraculously all those errors dissappeared.

Anyway, I'm going to visit TM tomorrow, and if it happens again, I'm going to complain to MCMC.

Hope it helps you people.

This post has been edited by spanker: Apr 27 2008, 05:27 PM

At this point, I'm not concerned about correcting Streamyx's misguided ways. I just want to get what I paid for.

That's why I've put up this crappy documentation to help prove how Streamyx is manipulating network packets to deny you service.

I don't care if they throttled P2P, but they are blocking my NNTP connections, a service which I pay premium dollars for.

Went to the office at SS13 today. Branch supervisor by the name of Encik Hussein said he has no knowledge of such blocking since he is only managing hardware between phone trunks to DSLAM exchange. Took my number. Told him about the attitude of his staff regarding the "not our problem" attitude, he defended his staff. I said "as a customer I don't care what you are in charge of, I just know TM and Streamyx, and your staff told me to come to the SS13 office, now I'm here. And you should not say it's not your problem because my logs said it is your problem". Showed him the logs, he said he will pass it onto other departments.

Sounds like this will be buried under a mountain of other cases. Looks like the people managing the network packets are the "untouchables" part of the TM org chart. Told him if it happens again, my next visit is to MCMC.

This post has been edited by spanker: Apr 28 2008, 06:36 PM

Well if someone other than Streamyx is spoofing them, I'd get RST packets from sources between Streamyx and 75.158.91.220 only (i.e. any relay servers connecting the 2 points). However, I get them on different channels, which does suggest someone much closer to home is spoofing the RST.

Nice catch though

That guy doesn't know what he's talking about


"Channels" as in peers/seeders. If the RST packets are coming in from various sources, it'll be much closer to me than it is to the seeders/peers.

If it is ONLY to 75.158.91.220, then yes you have a point. Plus, it doesn't explain my NNTP traffic being dropped

My NNTP traffic exceeds 50GB a month

This post has been edited by spanker: May 8 2008, 05:09 PM