TCP/IP - can telecom detect modem traffic at 33kb and below?
Daniel Ayers
Eric Stevens (stev...@iprolink.co.nz) wrote:
: Data now comes to me at just below 56k. But data to my ISP goes out at
: - you guessed it - half second bursts at 600 cps every 30 seconds.
The most likely causes of that, in my opinion, are:
1. Configuration error - either your end or theirs
2. Congestion between you and what you're talking to
3. You're misreading/misinterpreting what you are seeing
4. IP routing problems
: It's not line noise. The error correction hardly ever has to do
: anything. Something is controlling the rate of communication and I am
: damned sure it is neither of my modems. My ISP says it is not them
: either.
Sounds like everyone is absolving themselves of responsibility for the
problem - an all-too-frequent occurance.
: The problem seems to be related to peak traffic periods
Gee, maybe there's congestion somewhere in the data path between you and
what you are communicating with?
What hosts are you talking to and what type of application/traffic is
involved when you observe this problem?
: occurred to me that Telecom can detect the (sweetly) modu;ated tones
: of modems, bypass them to a switcher, which passes the frames at
: telecom's leisure through a telephone system congested by voice
: traffic.
Sorry Eric, that really isn't a credible explaination for your problem.
: I know my explanation is imaginative, it may be possible, and is
: probably paranoic. But can anyone explain what is really going on?
Its difficult to diagnose modem or IP-level problems second-hand from a
non-expert description. Sounds like you need some customer support from
your ISP. If you're not getting it, change ISP.
"It's not our fault" is NOT an acceptable response from an ISP when a
customer believes they are having a probem with their service.
: The only good news is that Telecom, if they can detect <33kb modem
: traffic, have not yet bothered to identify the raw data streams of
: 56kb down loads.
I think you have been watching too much TV, Eric.
Daniel.
------------------------------------------------------------------------------
Daniel Ayers, B.Sc (Hons), M.Sc Email: dan...@iconsult.co.nz
Networking and Security Consultant Phone: (021) 387-334
Internet Consulting FAX: (03) 351-5090
Christchurch Mobile FAX: (021) 692-987
Eric Stevens
On 4 Jul 1997 03:27:03 GMT, dan...@thumper.iconsult.co.nz (Daniel
Ayers) wrote:
>Eric Stevens (stev...@iprolink.co.nz) wrote:
>
>: Data now comes to me at just below 56k. But data to my ISP goes out at
>: - you guessed it - half second bursts at 600 cps every 30 seconds.
>
>The most likely causes of that, in my opinion, are:
>
>1. Configuration error - either your end or theirs
Not as far as I know. Bog standard USR identicl modems talking to each
other.
>2. Congestion between you and what you're talking to
That would be fine if we were talking data links, but this is
straright across Auckland using POTS. If my data download is slowed by
overloading to this extent then nobody should be able to talk. Unless
of course the Telecom link uses a digital multiplexer somewhere in the
route, in which case it would be relatively easy to sidestep data
traffic.
>3. You're misreading/misinterpreting what you are seeing
Nope. The graphic display of TCP Meter on my old machine showed
exactly what was going on in both dcirections. I haven't really got to
grips with Dial-up Monitor in NT yet but what I have seen is
consistent with what TCP Meter used to show me.
>4. IP routing problems
POTS, remember.
>
>: It's not line noise. The error correction hardly ever has to do
>: anything. Something is controlling the rate of communication and I am
>: damned sure it is neither of my modems. My ISP says it is not them
>: either.
>
>Sounds like everyone is absolving themselves of responsibility for the
>problem - an all-too-frequent occurance.
>
>: The problem seems to be related to peak traffic periods
>
>Gee, maybe there's congestion somewhere in the data path between you and
>what you are communicating with?
See above.
>
>What hosts are you talking to and what type of application/traffic is
>involved when you observe this problem?
My outgoing traffic is entirely email and ng articles.
>: occurred to me that Telecom can detect the (sweetly) modu;ated tones
>: of modems, bypass them to a switcher, which passes the frames at
>: telecom's leisure through a telephone system congested by voice
>: traffic.
>
>Sorry Eric, that really isn't a credible explaination for your problem.
If you are saying it can't be done, I can direct you to someone who
will be happy to build you a box to do it. If you are saying that
Telecom can't or don't do this, could you please explain why you are
so certain. I'm not saying you are not right: it's just that I would
like to know the reason for your confidence.
>
>: I know my explanation is imaginative, it may be possible, and is
>: probably paranoic. But can anyone explain what is really going on?
>
>Its difficult to diagnose modem or IP-level problems second-hand from a
>non-expert description. Sounds like you need some customer support from
>your ISP. If you're not getting it, change ISP.
I don't really think the ISP is the problem.
>
>"It's not our fault" is NOT an acceptable response from an ISP when a
>customer believes they are having a probem with their service.
But they may be correct. Certainly my problem does seem to not be
shared by other users.
Eric Stevens
Chaos is found in the greatest abundance wherever order is being
sought. It always defeats order, because it is better organised.
-: Ly Tin Wheedle
Daniel Ayers
Eric Stevens (stev...@iprolink.co.nz) wrote:
: That would be fine if we were talking data links, but this is
: straright across Auckland using POTS.
: Nope. The graphic display of TCP Meter on my old machine showed
: exactly what was going on in both dcirections. I haven't really got to
: grips with Dial-up Monitor in NT yet but what I have seen is
: consistent with what TCP Meter used to show me.
: >4. IP routing problems
: POTS, remember.
Maybe you should make up your mind what you are doing, and then state it
nice and clearly in your posting. Your posting is confused and
contradictory.
: >Sorry Eric, that really isn't a credible explaination for your problem.
: If you are saying it can't be done
I'm saying that you're paranoid if you seriously consider that Telecom
would do that.
I am sure there will be a nice, simple, ordinary and boring explaination
for the problem you are having. Your posting makes no sense to me at
all, so I can't help you find out what that explaination is.
Mark
In article <5phqi7$l...@wnnews1.netlink.net.nz>,
dan...@thumper.iconsult.co.nz (Daniel Ayers) wrote:
> Eric Stevens (stev...@iprolink.co.nz) wrote:
>
> : Data now comes to me at just below 56k. But data to my ISP goes out at
> : - you guessed it - half second bursts at 600 cps every 30 seconds.
>
> The most likely causes of that, in my opinion, are:
>
> 1. Configuration error - either your end or theirs
You probably want to check that the MTU set for your TCP/IP communiction
software is set to 1500, that also it's set to use 8 bits, no parity and
1 stop bit.
Regards
Mark
Eric Stevens
On Sun, 06 Jul 97 05:23:35 GMT, man...@ocean.southern.co.nz (Manfred
Marriott) wrote:
--- snip ----
>Try the following tests: upload a large, compressable piece of data to
>your ISP (say, as a file to the ftp site), try pinging your ISP.
'Ping' is milliseconds.
Look, all you lot out their: I'm not accusing Telecom of buffering
data traffic. But, I do know it is possible and all I wanted to know
is whether or not there is any chance of it happening.
Eric Stevens
There are two classes of people. Those who divide people into
two classes, and those who don't. I belong to the second class.
Richard Gallagher
stev...@iprolink.co.nz (Eric Stevens) wrote:
>Data now comes to me at just below 56k. But data to my ISP goes out at
>- you guessed it - half second bursts at 600 cps every 30 seconds.
>It's not line noise. The error correction hardly ever has to do
>anything. Something is controlling the rate of communication and I am
>damned sure it is neither of my modems. My ISP says it is not them
>either.
From your description it appears that data is getting from your
computer to you modem cleanly.
The thing that springs to mind is flow control, make sure that
hardware flow control is turned on both at the computer and at the
modem. Also try reducing the port speed which is probably set at
115200, try it at 57600. This probably will not solve your problem
but it may make it better.
Try the modem in a different computer the problem might even be with
your motherboard.
>The problem seems to be related to peak traffic periods and it has
>occurred to me that Telecom can detect the (sweetly) modu;ated tones
>of modems, bypass them to a switcher, which passes the frames at
>telecom's leisure through a telephone system congested by voice
>traffic.
If that were the case then the congestion would be in the form of line
noise. I assume you are making a local call to you ISP, there would
be little point Telecom going to such effort for a local call. It
would be much easier just to play a 'phone line are overloaded' to
anyone making a call.
--
Richard Gallagher
r...@cvm.co.nz
http://www.wave.co.nz/pages/rhg/richard/
Carey Evans
sup...@iprolink.co.nz (Mark) writes:
[snip]
> You probably want to check that the MTU set for your TCP/IP communiction
> software is set to 1500, that also it's set to use 8 bits, no parity and
> 1 stop bit.
Actually, I was having big problems with POP3 timeouts (downloading
the first message could take longer than three mintues) until I
changed my MTU _to_ 296, and someone else on the fetchmail mailing
list reported that this fixed their problem too. (296 might have been
an overreaction.)
--
Carey Evans <*> c.e...@clear.net.nz
"Deliver. Where's that?"
David Schreiber
In article <33ce0740...@news.iprolink.co.nz>,
stev...@iprolink.co.nz (Eric Stevens) wrote:
>Data now comes to me at just below 56k. But data to my ISP goes out at
>- you guessed it - half second bursts at 600 cps every 30 seconds.
>It's not line noise. The error correction hardly ever has to do
>anything.
Que? I've never seen a modem report its error correction process. If they
can I'd like to know how - it would make arguments with Telecom more certain.
Eric Stevens
The USR has an LED which lights up when error correction is on. I am
told that it bliinks when data has to be re-sent. I've never seen it
blinking.
The modem setup on NT4 allows for a beep on error. My computer beeps
only very occasionsally, usually never, during connection to my ISP.
I'm never watching at the odd time that it beeps, to see if the LED
blinks at the same time.
Andy Gardner
Eric Stevens <stev...@iprolink.co.nz> wrote:
> On 4 Jul 1997 03:27:03 GMT, dan...@thumper.iconsult.co.nz (Daniel
> Ayers) wrote:
>
> >Eric Stevens (stev...@iprolink.co.nz) wrote:
> >: occurred to me that Telecom can detect the (sweetly) modu;ated tones
> >: of modems, bypass them to a switcher, which passes the frames at
> >: telecom's leisure through a telephone system congested by voice
> >: traffic.
> >
> >Sorry Eric, that really isn't a credible explaination for your problem.
>
> If you are saying it can't be done, I can direct you to someone who
> will be happy to build you a box to do it. If you are saying that
> Telecom can't or don't do this, could you please explain why you are
> so certain. I'm not saying you are not right: it's just that I would
> like to know the reason for your confidence.
> >
> >: I know my explanation is imaginative, it may be possible, and is
> >: probably paranoic. But can anyone explain what is really going on?
FWII, Telecom already have the ability to differentiate between voice
and fax/modem traffic on the local loop. It would not surprise me if
they have already written the differential charging software, and the
day they think they can get away with it, they'll change a flag
somewhere and everyone (except XTRA users) will be charged per minute
for data calls.
Andrew P. Gardner ZL2VOA 176.019E 41.144S NZMS260 T27 626024
"Waikohi", Homewood, New Zealand http://navigator.co.nz/andy
Mediumwave DXer - Drake R8A http://www.geocities.com/CapeCanaveral/6685
Andy Gardner
Peter Lowrie
The bandwidth blues we all suffer may well be due to the filtering
activities of the GCSB ( Government Communications Security Bureau) and the
Police Looking for sex offenders, and the internal affairs. They have
secret contracts with Tele co's allowing them to tap your line, intercept
your email, mirror what your downloading off the web etcetera.
Olof Olsson
In article <01bc8f23$8dd7f8e0$81b41bca@gigger>, "Peter Lowrie"
<p...@xtra.co.nz> wrote:
Dream on :-)
--Olof
#include <std.disclaimer> /* My opinions are strictly my own */
--
Olof Olsson, System Architect, mailto: ol...@clear.net.nz
CLEAR Net, CLEAR Communications Ltd, Auckland, New Zealand.
ArFuR
In article <33c85873...@192.168.100.10>, to...@home.gen.nz wrote:
> On 13 Jul 1997 00:24:15 GMT, "Peter Lowrie" <p...@xtra.co.nz> wrote:
> >The bandwidth blues we all suffer may well be due to the filtering
> >activities of the GCSB ( Government Communications Security Bureau) and the
> >Police Looking for sex offenders, and the internal affairs. They have
> >secret contracts with Tele co's allowing them to tap your line, intercept
> >your email, mirror what your downloading off the web etcetera.
> This is pure BS. The only way Telecom (and I strongly suspect Clear,
> Bellsouth etc) release such information is via a search warrant. It
> may have happened when Telecom was the New Zealand post Office but the
> NZ Telecos are very well aware where they get their income from.
If it wern't for people like you the GCSB wouldn't be able to survive!
Then again, almost all average-joes are just like you and refuse to
believe!
You're call, just personally, I don't believe anyone in Intelligence nor
elsewhere in Goventment have enought moral fibre to stop them from doing
this sort of thing...
Did you know that the NZ goventment knew about the Rainbox Warrior bombing
before it auctually happened?
For more info on the Secret Powers book, try mailing sa...@cpp.co.nz
Ciao!
Pete
--
'The floggings will continue, until morale improves!'
*** *** *** *** *** *** *** *** *** *** ***
Pete Mundy
Service Manager
Advanced Communications (AASP+)
Nelson, NEW ZEALAND
E-Mail (w): pete (at) advcomm.co.nz.no.spam
E-Mail (h): pm (at) ts.co.nz.no.spam
Home Page: http://www.advcomm.co.nz/arfur/
Opinions/Views expressed are mine and not my employers.
Take the no spam parts out of my return address. It should end in 'NZ'. Also replace (at) with @ (trust me, you HAVE to say it! ;-)
ArFuR
In article <olof-ya02408000R...@news.clear.net.nz>,
ol...@clear.net.nz (Olof Olsson) wrote:
> In article <01bc8f23$8dd7f8e0$81b41bca@gigger>, "Peter Lowrie"
> <p...@xtra.co.nz> wrote:
>
> > The bandwidth blues we all suffer may well be due to the filtering
> > activities of the GCSB ( Government Communications Security Bureau) and the
> > Police Looking for sex offenders, and the internal affairs. They have
> > secret contracts with Tele co's allowing them to tap your line, intercept
> > your email, mirror what your downloading off the web etcetera.
>
> Dream on :-)
And they love people like you who refuse to believe it! Have a read of
'Secret Powers' and maybe visit the huge Satelite intercept statio in
Waihopi, just out of Blenheim that is used by the GCSB and the NSA in the
good old US of A!
Daniel Ayers
ArFuR (DONT_...@TO.THIS.ADDRESS) wrote:
: > This is pure BS. The only way Telecom (and I strongly suspect Clear,
: > Bellsouth etc) release such information is via a search warrant. It
: > may have happened when Telecom was the New Zealand post Office but the
: > NZ Telecos are very well aware where they get their income from.
: If it wern't for people like you the GCSB wouldn't be able to survive!
: Then again, almost all average-joes are just like you and refuse to
: believe!
You're a fool - probably with a boring life looking for a nice exciting
fantasy to believe in.
With regards to the Police - I have worked with the Police on investigations
into Internet crime, and I know just how careful they have to be to have
proper authorisation for any information they use.
The Police can do *nothing* except present a case to the courts, and if they
haven't done everything correctly you can bet that the defence will challenge
any improperly-gathered evidence and it will be thrown out.
: You're call, just personally, I don't believe anyone in Intelligence nor
: elsewhere in Goventment have enought moral fibre to stop them from doing
: this sort of thing...
I think your technique of mis-spelling key words to avoid the keyword
detection algorithms employed by the GCSB is a very clever idea. I am
impressed.
Don't you realise that (a) everyone knows spying is going on; (b) every
country does it; (c) people like you and I are extremely unlikely to be
targeted by it because we are unimportant and insignificant and (d) certain
people tout their beliefs and suspicions as fact in order to sell their
books.
A lot of people make money off the gulliability of people like you. Don't
bother us with it. If you don't like being spied on, pick up your phone and
complain to the GCSB.
: Did you know that the NZ goventment knew about the Rainbox Warrior bombing
: before it auctually happened?
Did you know that the word "gulliable" is not in the dictionary? And I've
written a book about why it isn't, send $29.95 to ...
Andy Gardner
Daniel Ayers <dan...@thumper.iconsult.co.nz> wrote:
> ArFuR (DONT_...@TO.THIS.ADDRESS) wrote:
>
> : > This is pure BS. The only way Telecom (and I strongly suspect Clear,
> : > Bellsouth etc) release such information is via a search warrant. It
> : > may have happened when Telecom was the New Zealand post Office but the
> : > NZ Telecos are very well aware where they get their income from.
>
> : If it wern't for people like you the GCSB wouldn't be able to survive!
> : Then again, almost all average-joes are just like you and refuse to
> : believe!
>
> You're a fool - probably with a boring life looking for a nice exciting
> fantasy to believe in.
>
> With regards to the Police - I have worked with the Police on investigations
> into Internet crime, and I know just how careful they have to be to have
> proper authorisation for any information they use.
Daniel "Networking and Security Consultant" Ayers (B.Sc (Hons), M.Sc
mind!) once again jumps at the chance to remind everybody that he has
"worked with the Police on investigations into Internet crime"
Yawn. That tired old scratched record.
Just because you've come into a little contact with the boys in blue,
doesn't give you the knowledge or authority to be able to state that
they are squeaky clean.
As for the GCSB and what it gets up to, what the fuck would you know
about it?
Oh, I get it. You're a secret agent! You know who they're monitoring/not
monitoring, because you're helping them do it. Aha!
ArFuR
In article <5qc0ha$3...@wnnews1.netlink.net.nz>,
dan...@thumper.iconsult.co.nz (Daniel Ayers) wrote:
> You're a fool - probably with a boring life looking for a nice exciting
> fantasy to believe in.
Heh heh.... Anyone who knows me personally here will be happy to correct
you I'm sure.. My life is far from boring, and I would quite happily say I
have plenty of exciting things to do, apart from this newsgroup. However I
suppose I shouldn't go mentioning then. I guess thats why I havn't
finished reading the book yet.
> With regards to the Police - I have worked with the Police on investigations
> into Internet crime, and I know just how careful they have to be to have
> proper authorisation for any information they use.
Who bought the Police into it? I never mentioned the police in my previous
postings whatsoever. I was talking about the Government using intellgence
and teh NSA, not the police. The truth being that most of the intelligence
collected in Waihopi(Sp?) is not even used in New Zealand!
> The Police can do *nothing* except present a case to the courts, and if they
> haven't done everything correctly you can bet that the defence will challenge
> any improperly-gathered evidence and it will be thrown out.
Once again, I never even mentioned the Police.
> I think your technique of mis-spelling key words to avoid the keyword
> detection algorithms employed by the GCSB is a very clever idea. I am
> impressed.
Uh huh.. I guess that was humour?
> Don't you realise that (a) everyone knows spying is going on; (b) every
> country does it; (c) people like you and I are extremely unlikely to be
> targeted by it because we are unimportant and insignificant and (d) certain
> people tout their beliefs and suspicions as fact in order to sell their
> books.
Can't beat facts mate. Photos, Documentation, Directions, Interviews etc.
> A lot of people make money off the gulliability of people like you. Don't
> bother us with it. If you don't like being spied on, pick up your phone and
> complain to the GCSB.
Nobody is going to spy on me. I have nothing to hide. Nothing of National
importance. However I do believe that they monitor the majority of
internet traffic in and out of New Zealand. The same with phones. They
don't monitor it with human ears, but with sophisticated computer
equipment, supplied by the NSA origionally.
Nuff of this. Sick and tired of arguing with stubborn minded persons such
as yourself Daniel. If I want to express my opinions in this NEWSGroup on
the subject I will do so, and I request that you don't speak for all users
and say "Don't bother us with it.". I don't believe you speak for all
users reading this group, and as far as I know you are no kind of
moderator.
Daniel Ayers
I've just checked back in the thread a bit to check my facts ...
: > With regards to the Police - I have worked with the Police
: Who bought the Police into it?
The Police were being discussed in the posting before the one you replied to,
and indirectly (search warrants) in the posting you replied to. Do you not
read postings before replying?
Also, I have direct personal experience I can draw on that tells me that
proper justification is an important issue when obtaining and using
information for Police prosecutions (more relevant to the earlier messages
than to yours). I chose to focus on something I directly knew about.
You might like to try basing your postings on something you actually know
about, rather than something you suspect (monitoring of internet traffic) or
something you read in a book that was based on someone else's judgement of
incomplete and possibly incorrect information (Waihopai).
Geoff McCaughan
ArFuR (DONT_...@TO.THIS.ADDRESS) wrote:
> Nobody is going to spy on me. I have nothing to hide. Nothing of National
> importance. However I do believe that they monitor the majority of
> internet traffic in and out of New Zealand. The same with phones. They
> don't monitor it with human ears, but with sophisticated computer
> equipment, supplied by the NSA origionally.
It's interesting to speculate if they have this capability or not. In order
to effectively monitor a stream of *many* simultaneous TCP/IP sessions, one
needs to be able to 'de-strand' the individual streams of data, otherwise
your keyword search is only going to give you the packet containing the
magic word rather than the entire message.
Alternately one would need to record the entire data stream so one could
backtrack and reconstruct a session after finding a keyword.
Either way the technology would be impressive in order to handle a
multi-megabyte data stream.
It is known that the spooks have the capability to monitor HF radio and
satellite traffic, plus landline traffic where this moves to terrestrial
microwave links [but how many of those are still in use outside wireless
networks?].
You certainly have a good chance of having your internet traffic spied upon
if you're using a satellite link. However large amounts of traffic into and
out of NZ travel via the PACRIM fibre optic cables. I have not seen any data
that indicates that the spooks have the facilities to monitor traffic which
is wholly landline based. It would be interesting to know for sure.
One has to wonder of course why they used to monitor microwave links in the
past to get access to undersea cable traffic if they had the ability to
access the copper.
Of course as mentioned earlier, keyword searches are a crock. Anything you
pick up en claire is going to be pretty small potatoes. Hence the whopping
pile of dross they have to dredge through at Fryberg house every week
looking for something more interesting than they could read in "Time".
And if any of the guys from ECHELON are reading this, tell Spud and Winnie
"yah boo sux" from me. Oh and you better run a sweep over the 12th floor
dunny, the frogs have planted a little surprise 'under the rim'.
Daniel Ayers
Hi Geoff,
: > importance. However I do believe that they monitor the majority of
: > internet traffic in and out of New Zealand. The same with phones. They
: > don't monitor it with human ears, but with sophisticated computer
: > equipment, supplied by the NSA origionally.
: It's interesting to speculate if they have this capability or not. In order
: to effectively monitor a stream of *many* simultaneous TCP/IP sessions, one
: needs to be able to 'de-strand' the individual streams of data, otherwise
: your keyword search is only going to give you the packet containing the
: magic word rather than the entire message.
There are public domain packet sniffers that already have this capability (eg.
sniffit). How much traffic they can handle is strictly an issue of hardware
performance.
However, performing meaningful real-time searches on that volume of data is
a much harder problem to solve (instead of just decoding it).
And that doesn't allow for breaking any encryption (eg. PGP) people might
be using - and you have to admit that it is likely that any sensitive traffic
over the net will be encrypted.
: It is known that the spooks have the capability to monitor HF radio and
: satellite traffic
Anyone can do that, its not difficult. Analogue cellphones and radio
communications are also very easy to monitor.