Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-user

From: Florian Philipp <f.philipp@××××××.de>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] No torrent upload
Date: Tue, 12 Jun 2007 19:43:10
Message-Id: 200706122137.19844.f.philipp@addcom.de
In Reply to: Re: [gentoo-user] No torrent upload by Albert Hopkins
1 Am Dienstag 12 Juni 2007 21:25 schrieb Albert Hopkins:
2 > On Tue, 2007-06-12 at 20:09 +0200, Florian Philipp wrote:
3 > > dsl@HOMER_GENTOO64 ~ $ sudo tcpdump -vvns 1600 dst port 21
4 > > Password:
5 > > tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size
6 > > 1600
7 > > bytes
8 > > 18:37:12.543965 IP (tos 0x8, ttl 64, id 27970, offset 0, flags [DF],
9 > > proto:
10 > > TCP (6), length: 60) 192.168.1.2.45269 > 89.57.3.60.21: S, cksum
11 > > 0x8013
12 > > (correct), 1866573467:1866573467(0) win 5840 <mss
13 > > 1460,sackOK,timestamp
14 > > 6212569 0,nop,wscale 5>
15 > > 18:37:12.544426 IP (tos 0x8, ttl 64, id 17977, offset 0, flags [DF],
16 > > proto:
17 > > TCP (6), length: 60) 192.168.1.2.45288 > 89.57.3.60.21: S, cksum
18 > > 0x98ab
19 > > (correct), 1867615712:1867615712(0) win 5840 <mss
20 > > 1460,sackOK,timestamp
21 > > 6212569 0,nop,wscale 5>
22 > > 19:07:52.537852 IP (tos 0x8, ttl 64, id 17709, offset 0, flags [DF],
23 > > proto:
24 > > TCP (6), length: 60) 192.168.1.2.36423 > 89.57.3.60.21: S, cksum
25 > > 0x3a4e
26 > > (correct), 3820262832:3820262832(0) win 5840 <mss
27 > > 1460,sackOK,timestamp
28 > > 6672541 0,nop,wscale 5>
29 > > [...]
30 > > 27 packets captured
31 > > 54 packets received by filter
32 > > 0 packets dropped by kernel
33 >
34 > It's been a while since I looked at tcpdump, but this looks like
35 > yourself connecting *to* an FTP server (or I should say an external
36 > connection on port 21).
37 >
38 > > In the past Tiscali (my ISP) did not stop file sharing, they just
39 > > slowed it
40 > > down to 10-12k.
41 >
42 > But they don't slow down FTP? FTP *is* (client/server) file sharing.
43 >
44 > --
45 > Albert W. Hopkins
46
47 It seems they try to recognize some kind of signature/footprint/whatever which
48 is typical for file sharing. Apparently they don't check ports that are
49 heavily used due to performance issues or false positives.
Report Message
Find on MARC Find on Google Groups