Sniffing Out Illicit BitTorrent Files

Found on Technology Review on Wednesday, 11 February 2009

According to its creators, the approach can monitor networks without interrupting the flow of data and provides investigators with hard evidence of illicit file transfers.

When the tool detects such a file, it keeps a record of the network addresses involved for later analysis, says Major Karl Schrader, who led the work at the Air Force Institute of Technology, in Kettering, OH.

"Our system differs in that it is completely passive, meaning that it does not change any information entering or leaving a network," says Schrader.

Also, that tool cannot deal with encrypted traffic and fails to handle a data flow of over 100 Mbit/s. Plus, it's illegal to monitor users; that's wiretapping. Furthermore, every cheap switch can copy all traffic to a monitoring port where a protocol analyzer can sniff the packets, so this is hardly new. This fails at so many levels that it's amazing. Not only that, but it is also a total waste of time.