Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 


137 posts

Master Geek
Inactive user


  Reply # 664328 30-Jul-2012 23:56 Send private message

Hey mate, sorry it's getting late... being lazy... you're right I should have provided a direct link. My apologies for being a tad facetious.

2911 posts

Uber Geek
+1 received by user: 413

Trusted
Subscriber

  Reply # 664346 31-Jul-2012 01:10 Send private message

bradi: Hey mate, sorry it's getting late... being lazy... you're right I should have provided a direct link. My apologies for being a tad facetious.


His point is valid.  Being able to monitor individuals because a court has decreed it is a far cry from tracking everyone at once.  As I mentioned before, the storage requirements alone would be immense, let alone the processing capacity required to log every piece of traffic at once to said storage.  I'm not convinced any ISP in NZ could even afford to implement such a thing.

gzt

8427 posts

Uber Geek
+1 received by user: 1029


  Reply # 664495 31-Jul-2012 12:21 Send private message

bradi:
gzt: If I had a concern about ISP traffic monitoring I would use one or more of the many free or commercial solutions. I don't.

Ohh, just reread this, so wanted to follow up, you mentioned free solutions to verify if an ISP was monitoring your traffic... this is interesting, as I don't know how you could possibly tell.  So how do you know for sure?  You can't...

http://www.endace.com/industry-solutions-telecommunications.html

Unless you know a way to detect port mirroring, in-line packet capturing, and centralised logging.

I was referring to traffic routing / vpn / encryption solutions. Not solutions to detect monitoring.



137 posts

Master Geek
Inactive user


  Reply # 665072 1-Aug-2012 00:45 Send private message

Kyanar:
bradi: Hey mate, sorry it's getting late... being lazy... you're right I should have provided a direct link. My apologies for being a tad facetious.


His point is valid.  Being able to monitor individuals because a court has decreed it is a far cry from tracking everyone at once.  As I mentioned before, the storage requirements alone would be immense, let alone the processing capacity required to log every piece of traffic at once to said storage.  I'm not convinced any ISP in NZ could even afford to implement such a thing.


Yes valid point and not one that I was trying to address.  Specifically I was addressing the "capability" to do what I was suggesting is absolutely possible, given the limitations of above (and other things), but entirely within the realm of organisations prepared to purchase redundant caching appliances and other interesting network related equipment.

But this does lead into another interesting point in this discussion, which is the DIA Internet Filter.  I'm not going to touch this one as it's very messy, but boils down to whether you trust the government, which I gotta say I do... I have no choice.

I have to believe that my government has NZ's best interest and well being as a very high priority and at the end of the day, if it is doing what it is supposed to be doing then I have no problem with that (other than it's technically flawed in its purpose).

If we get back to the original question now that we've (sort of) established the playing field... ohh and add

"and what ISPs use the DIA routes"

because I am curious what ISPs make that decision for me.

2240 posts

Uber Geek
+1 received by user: 352

Trusted
Subscriber

  Reply # 665088 1-Aug-2012 01:38 Send private message

bradi:

...If we get back to the original question now that we've (sort of) established the playing field... ohh and add

"and what ISPs use the DIA routes"

because I am curious what ISPs make that decision for me.


The list of ISPs can be found here . One thing to note though is that any of those ISPs can stop using it on their terms. They are in no ways forced to accept the /32s being advertised.

While it's not designed to stop someone really looking for some kiddie porn, it does help stop someone 'stumbling' across it. 

If you're with one of those ISPs above, you could test it out to see what the block page looks like, it's VERY obvious when they block a page so parts of the internet won't disappear or be censored without your knowledge.

2996 posts

Uber Geek
+1 received by user: 458

Trusted

  Reply # 665196 1-Aug-2012 09:39 Send private message

In the spirit of openness

Taylor communications has three parts to our monitoring system

We only have 1000 v4 ip addresses avaliable to us and so some customers share a public ip address. When issues arise, we can cross check and prove innocence for other subscribers.
1. Connection logging
Each connection is logged. The data within the connection is not, except the type. Eg. Torrent, ftp, http.
This is for two reasons.
A. We can use traffic statistics and better manage the network.
B. If a copyright infringement notice is sent to us, we can check its valid before rejecting it or passing it onto the subscriber concerned.

The source, destination, type, time and data transfered for each connection is logged for 7 days.

2. Http logging.
Our transparent caching system also logs http requests. These are also stored for 7 days and are only used in two ways
A. General statistics so we know what websites are popular and could possibly add to our unmetered zone. We dont look at individual surfing habits.
B. Filtered lists can be supplied to police when we are issued with a warrant for a specific user. Again because of the natting issue, we can find which subscriber to supply the data on and prove innocence for our other subscribers sharing the same public ip.

3. Port.mirroring.
When issued with a police warrant, we have a facility at our high sites for police to plug into a managed switch and enable port mirroring on a specific subscriber radio. Police supply the monitoring cable, software and their own generator power supply.
We have never had to do this.

Sorry for any spelling mistakes, i am on my cellphone.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




2996 posts

Uber Geek
+1 received by user: 458

Trusted

  Reply # 665199 1-Aug-2012 09:42 Send private message

Ment to say monitoring computer, not cable as its just a cat5




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here






137 posts

Master Geek
Inactive user


  Reply # 665804 1-Aug-2012 23:29 Send private message

insane:
bradi:

...If we get back to the original question now that we've (sort of) established the playing field... ohh and add

"and what ISPs use the DIA routes"

because I am curious what ISPs make that decision for me.


The list of ISPs can be found here?. One thing to note though is that any of those ISPs can stop using it on their terms. They are in no ways forced to accept the /32s being advertised.

While it's not designed to stop someone really looking for some kiddie porn, it does help stop someone 'stumbling' across it.?

If you're with one of those ISPs above, you could test it out to see what the block page looks like, it's VERY obvious when they block a page so parts of the internet won't?disappear?or be?censored?without your knowledge.


I've never managed to "stumble" across kiddie porn, but thanks for the list though.



137 posts

Master Geek
Inactive user


  Reply # 665806 1-Aug-2012 23:32 Send private message

raytaylor: In the spirit of openness


Awesome, really appreciate this post. Thank you for sharing your policy, which sounds very even handed but still manages to meet legal obligations.

1 | 2 | 3 
View this topic in a long page with up to 500 replies per page Create new topic








Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:






Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.