Results 1 to 3 of 3

Thread: Detecting packet injection: a guide to observing packet spoofing by ISPs

  1. #1
    Senior Member
    Join Date
    Feb 2008

    Default Detecting packet injection: a guide to observing packet spoofing by ISPs

    Detecting packet injection: a guide to observing packet spoofing by ISPs


    Certain Internet service providers have begun to interfere with their users' communications by injecting forged or spoofed packets - data that appears to come from the other end but was actually generated by an Internet service provider (ISP) in the middle. This spoofing is one means (although not the only means) of blocking, jamming, or degrading users' ability to use particular applications, services, or protocols. One important means of holding ISPs accountable for this interference is the ability of some subscribers to detect and document it reliably. We have to learn what ISPs are doing before we can try to do something about it. Internet users can often detect interference by comparing data sent at one end with data received at the other end of a connection.

    Techniques like these were used by EFF and the Associated Press to produce clear evidence that Comcast was deliberately interfering with file sharing applications; they have also been used to document censorship by the Great Firewall of China. In each of these cases, an intermediary was caught injecting TCP reset packets that caused a communication to hang up - even though the communicating parties actually wanted to continue talking to one another. In this document, we describe how to use a network analyzer like Wireshark to run an experiment with a friend and detect behavior like this. Please note that these instructions are intended for use by technically experienced individuals who are generally familiar with Internet concepts and are comfortable installing software, examining and modifying their computers' administrative settings, and running programs on a command line.

    I was browsing Google and came across this. Looks quite interesting so I thought I would share.
    [FONT=Courier New][SIZE=2][FONT=Courier New]hehe...

  2. #2
    Junior Member
    Join Date
    Feb 2008


    Hmm. Interesting. I wonder how often ISP's use packet sniffers and record data as well.

    I might make this the topic of my final in my Information Assurance class.

  3. #3


    In Europe, all ISPs (most of them, and in Bulgaria all of them) are oblidged by the law to keep 2! year log of all internet activity. So... I guess it is the same in many other countries, and since the government controls the ins and outs of all information passing through it's borders (except for satellite comm. ), the only way to protect your privacy is was and will be strong encryption.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts