backbone transparent proxy / connection hijacking

Karl Denninger karl at mcs.net
Fri Jun 26 00:30:55 UTC 1998


On Thu, Jun 25, 1998 at 05:12:08PM -0700, Paul Vixie wrote:
> 
> The box we built was designed for access providers -- you know, put 1,000
> modems in a room and sell dialup accounts.  It works fine in that context.
> And, dialup users are usually not terribly deep as technologists, and they
> are used to having their bits mutilated in the great cause of "overcommit."
> 
> While a T1 data rate would present no real problem, a T1 customer who would
> usually recognize what was happening to them AND care about it, *would*
> represent a problem.  And besides, a T1 customer would probably be willing
> and able to use ICP or at least run their own local cache and point their
> browsers at it nontransparently.
> -- 
> Paul Vixie
> La Honda, CA			"Many NANOG members have been around
> <paul at vix.com>			 longer than most." --Jim Fleming
> pacbell!vixie!paul		 (An H.323 GateKeeper for the IPv8 Network)

Putting these in a POP and hijacking the connections can dramatically lower
the amount of money an NSP needs to spend on long-haul connections (every
locally-fed entry is one you don't pay to transport (again)).  

Why do you think this is so popular with the cable modem folks?

However, the first time a customer who didn't know about this gets an aged
quote on a stock (and loses their shirt), or something else happens that
causes real trouble, you've got a major problem, and it might be a legal
rather than an operational one.

I don't consider this kind of thing, done without full disclosure, to be 
proper in ANY context.  To accomplish the goal you have to *steal* the
packet flow that was given to you and monkey with it.

That act is at least somewhat likely to constitute "wiretapping", and since 
its done without the consent or even knowledge of *any* of the parties to 
the communication at hand......

--
-- 
Karl Denninger (karl at MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin
http://www.mcs.net/          | T1's from $600 monthly / All Lines K56Flex/DOV
			     | NEW! Corporate ISDN Prices dropped by up to 50%!
Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS
Fax:   [+1 312 803-4929]     | *SPAMBLOCK* Technology now included at no cost



More information about the NANOG mailing list