Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 23-07-2008, 19:57   #12587
SMHarman
Inactive
 
Join Date: Jun 2003
Services: Cablevision
Posts: 8,305
SMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronze
SMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronzeSMHarman is cast in bronze
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by BetBlowWhistler View Post
Do you think the situation being investigated by the Police courtesy of Alex might explain it?

---------- Post added at 08:05 ---------- Previous post was at 07:52 ----------



It's worth pointing out to the non technical that the IP packets that everyone refers to has two sections.
1. IP Header
2. Payload

The IP header contains information to allow the packet to traverse the internet. Source IP, Destination IP, protocol type etc.

You should note that the information in this header cannot be used for traffic shaping of http traffic and the like as it would only mention the protocol 'tcp'.

You have to process this packet to 'strip off the outer layer' thus revealing the payload to consist of the following (let's continue with the http example)..

1. TCP Header
2. Payload

The TCP header contains other information for the processing computer so it knows what to do with it and how the packet fits in with other packets. Key fields in this header are the source and destination ports.

Most people will know by now that http runs on tcp/80, and this is all the information you really need to shape this traffic. You could distinguish between ftp, http and bit-torrent traffic at this level assuming everyone is using the standard ports for such protocols.

What DPI does is to look into the payload section which contains information for the application that is listening on the mentioned port, in this case port 80. For the sake of simplicity this is where your personal information is kept and you could also analyse the payload to see if you really are looking at http traffic or if you have disguised a bit-torrent stream on port 80.

My point is, it is nothing like a postcard apart from the fact that the packet isn't encrypted. (With encrypted traffic you would typically only see the IP header information so it can get where it's going).

It is very much like an envelope within an envelope within an envelope.

Anyone wishing to understand further is encouraged to google 'osi 7 layer model' - you should be able to find some general overviews. Even the wiki pages might be understandable
Yes it is but the fact that I feel Lord West is trying to get out is that the envelope is already regularly opened and the content looked at, just now it will be opened for the purpose of sending the recipient a higher quality of junk mail, sorry advertising.
SMHarman is offline