Tilted Forum Project Discussion Community  

Go Back   Tilted Forum Project Discussion Community > Interests > Tilted Technology


 
 
LinkBack Thread Tools
Old 09-25-2005, 01:02 PM   #1 (permalink)
Dreams In Digital
 
SiNai's Avatar
 
Location: Iowa
Bittorrent and LAN help

My Bittorrent doesn't work well at all on my college LAN. It worked just fine on my computer before, but it seems like the LAN is seriously throttling the speeds that I download at. I don't think they are squelching the Bittorrent ports, because I have the same problem when I specify different ports (I just stuck a 1 in front of the default ports, which are somewhere around 6888, I think..)

Is there a way my LAN can determine what is Torrent traffic, and throttle that down? Does anybody have any advice on how I could get my Torrent working right again? I get NAT errors on all ports.. Is this a firewall issue? I have no firewalls on my computer at the moment..

Help!
__________________
I can't seem to remember now
What it was like- to live life, before you.. symbiont
SiNai is offline  
Old 09-25-2005, 02:26 PM   #2 (permalink)
wouldn't mind being a ninja.
 
MooseMan3000's Avatar
 
Location: Maine, the Other White State.
That's the college's firewall. They have all the ports stealthed, at least, which means nothing can see if they're open. There's a pretty good chance that anything besides normal ports (80, whatever the other internet and FTP ports are) is closed.

Also, they probably have some form of packet shaper. They can determine what sort of traffic it is by seeing where the data is coming from, what size packets it comes in, etc. The priority for this type of traffic and for, say, games is set very low, whereas normal web browsing and email are significantly higher.

So basically, unless you can bed one of the IT staff and covince him/her to forward traffic through one specific port for you, you're SOL. I've heard rumors that setting up a proxy can help some of these issues, but I could never get it to work. I had the same problem transferring from the proxy as from anywhere else.
MooseMan3000 is offline  
Old 09-25-2005, 02:28 PM   #3 (permalink)
Crazy
 
The common approach universities take is instead of restricting specific ports while allowing all, they will restrict everything and allow specific ports.

The ports you listed are both nonstandard, so you're probably being restricted under the "global restriction" policy. It takes a lot more effort to determine what program's data is flying through a port- I'm 99% positive that they don't know bittorent from anything else that would use the port.

NAT error is probably because you are part of the university's subnetwork. Other bittorent clients cannot determine your pc's IP. Probably because you don't have your own IP address. Instead you probalby have one for the local network and the school's mainframe exists as your gateway.

The NAT error could also be a result of you changing ports. It's not enough to change a port on the bittorent client and receive data- you have to get other clients to send you data on that port. This can't be done without changing the tracker to specify a different host port.

Unfortunatly, I believe you're out of luck. If you do manage to get bittorent working on some random port, the university would notice the abnormal change in network activity and block the port as a percaution. Universities are very much against Torrenting as it eats up bandwith needed for the rest of the campus.
Robaggio is offline  
Old 09-25-2005, 03:26 PM   #4 (permalink)
Darth Papa
 
ratbastid's Avatar
 
Location: Yonder
Quote:
Originally Posted by Robaggio
The common approach universities take is instead of restricting specific ports while allowing all, they will restrict everything and allow specific ports.
Yep, and from the IT administrator's point of view, that's the right policy. Unless you have a reason for one of your ports to be open, it should be closed.

Sorry to say this, but you'll likely continue to have poor Bittorrent performance unless you can convince an IT person to open up the appropriate ports and forwarding them to your IP. In other words: you'll likely continue to have poor Bittorrent performance.
ratbastid is offline  
Old 09-25-2005, 07:21 PM   #5 (permalink)
Dreams In Digital
 
SiNai's Avatar
 
Location: Iowa
Thanks for the quick responses, guys. I expected to be told this.. Is it possible to change the port to something that wasn't blocked, maybe an email port, or something?

Small clarification- The NAT error isn't from my changing ports, it's always been there, even when using default ports. As for what you are saying about my IP.. You're probably right. I can get bittorrent traffic, however.. but it's usually ~1k/sec or less.
__________________
I can't seem to remember now
What it was like- to live life, before you.. symbiont
SiNai is offline  
Old 09-26-2005, 06:09 AM   #6 (permalink)
I am Winter Born
 
Pragma's Avatar
 
Location: Alexandria, VA
There are applications called packet shapers that can do Layer 7 (Application) examination of packets and determine what protocol they're for, no matter what port they're running on. It's entirely possible that no matter how you change the ports, they're still getting subjected to a much lower priority due to the P2P nature.

At my uni, web traffic gets the best priority, then things like mail and FTP, then unknown traffic, then games, then finally P2P. Even if you try to change the port to one that isn't blocked, you may still run into problems.

You could try running BT on port 80 (WWW) or 25 (SMTP) and see if that helps - but if they're doing Layer 7 inspection, it won't.
__________________
Eat antimatter, Posleen-boy!
Pragma is offline  
Old 09-26-2005, 06:33 AM   #7 (permalink)
Mjollnir Incarnate
 
Location: Lost in thought
Quote:
Originally Posted by Pragma
You could try running BT on port 80 (WWW) or 25 (SMTP) and see if that helps - but if they're doing Layer 7 inspection, it won't.
First thing I tried, and no luck. I've resigned myself to no P2P.
Slavakion is offline  
Old 09-26-2005, 06:47 AM   #8 (permalink)
Junkie
 
nukeu666's Avatar
 
Location: India
i wrote a little howto on useing bittorrent and DC thru firewall
check it out

http://animestan.7.forumer.com/viewtopic.php?t=251
__________________
Why did the Comp. Engineer get X-mas and Halloween mixed up?
Because Oct(31) == Dec(25)
nukeu666 is offline  
Old 09-26-2005, 08:00 AM   #9 (permalink)
Go Cardinals
 
soccerchamp76's Avatar
 
Location: St. Louis/Cincinnati
One way is to make friends with your schools IT department, or get a job there.
__________________
Brian Griffin: Ah, if my memory serves me, this is the physics department.
Chris Griffin: That would explain all the gravity.
soccerchamp76 is offline  
Old 09-26-2005, 10:18 AM   #10 (permalink)
Professional Loafer
 
bendsley's Avatar
 
Location: texas
To expand on what Pragma said, which I am in complete agreeance with him, packet inspection might be happening at mutiple layers.

The reality of modern application demands and capabilities require that firewalls with a much more intimate level of knowledge of the application payload. Emerging applications utilizing XML and Simple Object Access Protocol (SOAP) require the firewall to monitor the content within the packets at wire-speed. Additionally, applications which can change their communication ports in order to bypass outbound filtering or those which tunnel within commonly allowed ports (such as 80/TCP) must be monitored as well in order to provide for the maximum amount of security within the network.

To address the limitations of Packet-Filtering, Application Proxy, and Stateful Inspection, a technology known as Deep Packet Inspection (DPI) was developed. DPI operates at L3-7 of the OSI model. DPI engines parse the entire IP packet, and make forwarding decisions by means of a rule-based logic that is based upon signature or regular expression matching. That is, they compare the data within a packet payload to a database of predefined attack signatures (a string of bytes). Additionally, statistical or historical algorithms may supplement static pattern matching.

Analysis of packet headers can be done economically since the locations of packet header fields are restricted by protocol standards. However, the payload contents are, for the most part, unconstrained. Therefore, searching through the payload for multiple string patterns within the datastream is a computationally expensive task. The requirement that these searches be performed at wirespeed adds to the cost. Additionally, because the signature database is dynamic, it must be easily updateable. Promising approaches to these problems include a software-based approach (Snort implementing the Boyer-Moore algorithm), and a hardware-based approach (FPGA's running a Bloom filter algorithm).

DPI technology can be effective against buffer overflow attacks, denial of service (DoS) attacks, sophisticated intrusions, and a small percentage of worms that fit within a single packet.

I guess that was more than you really were asking for, but I am assuming the college is probably running some pretty expensive equipment to span the student/staff/ faculty body. When I worked as a network admin. for the college I was attending, we setup multiple Cisco 5505 chassis with 48 port cards, dual supervisor engines, etc. Expensive equipment as well, and it can aid in doing packet inspection.

Anyway, yeah, it looks like you don't have much of an option if the school is doing any SPI or similar.
__________________
"You hear the one about the fella who died, went to the pearly gates? St. Peter let him in. Sees a guy in a suit making a closing argument. Says, "Who's that?" St. Peter says, "Oh, that's God. Thinks he's Denny Crane."
bendsley is offline  
Old 09-26-2005, 02:00 PM   #11 (permalink)
 
trickyy's Avatar
 
Quote:
Originally Posted by Slavakion
First thing I tried, and no luck. I've resigned myself to no P2P.
have you tried mirc?
trickyy is offline  
 

Tags
bittorrent, lan


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -8. The time now is 09:47 AM.

Tilted Forum Project

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360