Quote:
Originally Posted by BigD
Suspicious transmissions would be flagged up as non-standard encoding of traffic in a voice application, for example. A low bandwidth voice is expected to be encoded in a certain way. If someone that knew the protocol for voice encoding, start of message frame, on a closed channel (multiplexing obviously makes it more difficult) etc etc, could recognise that your data payload does not correspond with the characteristics of open-traffic. That would set alarm bells ringing without you having to do anything.
I have no direct knowledge of any of this in use other than I would be very surprised if such alarms are not already in use.
BigD
It's pretty easy to identify encrypted voice traffic but then it could be tunneled through an ssh tunnel (a VPN) for example and there is no way of knowing what that carries. You'd have to accept that some traffic you will not be able to sniff, or block certain types of ssl traffic which has its own limitations.
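
An added example, not part of either post, of the kind of check the quoted message describes: it scores each frame's byte entropy and flags frames that do not look like the expected clear encoding. The 8-bit PCM framing, the 6.0 bits/byte limit, and all function names and sample frames are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

FRAME_BYTES = 160       # assumption: 20 ms of 8 kHz, 8-bit samples per frame
ENTROPY_LIMIT = 6.0     # assumption: bits/byte above this is "not plain PCM"

def shannon_entropy(payload: bytes) -> float:
    """Bits per byte of the payload's byte-value distribution."""
    counts = Counter(payload)
    total = len(payload)
    return -sum(c / total * math.log2(c / total) for c in counts.values())

def tone_frame(phase: int = 0) -> bytes:
    """Constructed stand-in for a clear voice frame: 400 Hz tone, 8-bit PCM."""
    return bytes(
        int(128 + 100 * math.sin(2 * math.pi * 400 * (n + phase) / 8000))
        for n in range(FRAME_BYTES)
    )

def ciphertext_like_frame(seed: int) -> bytes:
    """Constructed stand-in for an encrypted payload: SHA-256 counter output."""
    out = b""
    counter = 0
    while len(out) < FRAME_BYTES:
        out += hashlib.sha256(f"{seed}:{counter}".encode()).digest()
        counter += 1
    return out[:FRAME_BYTES]

def flag_frames(frames, limit: float = ENTROPY_LIMIT):
    """Return indices of non-empty frames whose entropy exceeds the limit."""
    return [i for i, f in enumerate(frames)
            if len(f) > 0 and shannon_entropy(f) > limit]

def sample_channel():
    """Constructed capture: clear frames with two ciphertext-like frames inside."""
    return [tone_frame(0), tone_frame(7), tone_frame(13),
            ciphertext_like_frame(1), ciphertext_like_frame(2), tone_frame(3)]

if __name__ == "__main__":
    for i, frame in enumerate(sample_channel()):
        print(i, round(shannon_entropy(frame), 2))
    print("flagged:", flag_frames(sample_channel()))
```

Compressed voice codecs also produce high-entropy payloads, so the limit has to be calibrated against the codec the channel is expected to carry. Inside a tunnel every frame scores high, so this check says nothing about what the tunnel contains.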