Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE
From: Charles Newman (charlesnewman1_at_comcast.spamkiller.net)
Date: 10/14/05
- Next message: Renegade: "Re: Zone Alarm shuts down interenet access when computer is idle"
- Previous message: jameshanley39_at_yahoo.co.uk: "Re: ICMP Type 8 Echo Request packet security concerns"
- In reply to: Owl Jolsen: "March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
- Next in thread: Charles Newman: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
- Reply: Charles Newman: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 14 Oct 2005 07:23:57 -0700
"Owl Jolsen" <owljolsen@nym.alias.net> wrote in message
news:20051002071114.22718.qmail@nym.alias.net...
>
>
> In less than 6 months, we will be one of several online media companies
> webcasting the total solar eclipse from Africa, on 29th March, 2006. This
> will be during the working hours in Europe.
> For corporate IT admins in Europe, this will be their WORST NIGHTMARE
> come to life. We are working on and improving our system in sucha way that
> corporate IT admins in Europe will not be able to stop people from
watching
> the eclipse without shutting down the ENTIRE NETWORK. We will be using a
> heavily encrypted feed, so that any IT admins that try to sniff the
packets
> wont get anything. As somoene said once "The book will be open, but the
> pages will all be in an unreadble language".
> We will be running an ecnrypted link over port 80. There is NO WAY that
> can be shut down without cutting off ALL web access to the network. We are
> taking a cue from Kazaa, and P2P services, and are using encrypted links
> over port 80, which admins will be unable to stop without shutting down
the
> entire network.
> As far as eclipses go, this will be the longest, as far as totality
goes,
> since one of our competitors began webcasting eclipses way back in 1997.
> Where we plan to he webcasting from, it will be at about 10:45 AM British
> Summer Time, 11:45 in Central Europe (Europe goes to Summer Time on
Sunday,
> 26th March).
> Basically, people will be watching the eclipse, and gobbling down HUGE
> amounts of bandwidth. We plan to offer feeds up to 100K in bitrate, and
that
> will add up fast. Users will be clogging the network watching the eclipse,
> and corporate IT admins will have no CLUE as to what is going in, becusae
the
> feeds will be encrypted.
> The REAL nightmare scenario on this for IT admins, will be in the year
> 2009, when we will be webcasting a total solar eclipse with 6 minutes and
> 38 seconds of totality from Shanghai, China, on 22nd July, 2009. For
nearly
> 7 minutes, poeple will be clooging network bandwidth all over Asia, and
> becuase it will be encrypted, admins will never know that people are
watching
> the solar eclipse. It will also being during the workday in Australia, so
> Australian admins will also wonder why the bandwidth usage is going so
high.
>
>
As for the figure skating coverage they are doing, I think he is doing a
test
run at a compeittion in Vienna, because on Fs discussion board posts a
direct
link to live video. If this is eventually to be their video feed, Tiny
Personal
Firewall, placed on the network server, can stop it. I have outgoing traffic
restricted to pots 80 and 443, on the proxy, and that is enough to stop it.
Tiny, when put on a network server, has this flexibility that your hardware
firewalls do not, so if you want to stop this guy's video streaming, you
will
need to have Tiny, to effectively block it. If this is this guy's company
doing a test run, the stream runs at 339K bandwidth, that would eat
up your company bandwidth in a hurry. You better put a Windows box
with Tiny on it, on your network, to stop this on the network level.
It appears, as well, that HTTP-only is disallowed, and they will
only allow RTSP/MMS, on ports 554 and 1755, so using Tiny
and telling it to restrict your HTTP proxy to ports 80 and 443
should do the trick. This guy obviously never thought of what
Tiny, and other software based firewall programs can do.
Call it s "toy firewall", if you like, but it is the only foolproof
way you will be able to shut this guy's stuff down. Windows
Media player 10 tunnels through whatever HTTP proxy
that IE, or whatever the default broswer, is set to use. So
using Tiny, and restricting your HTTP proxy to ports 80 and
443 should do the trick.
- Next message: Renegade: "Re: Zone Alarm shuts down interenet access when computer is idle"
- Previous message: jameshanley39_at_yahoo.co.uk: "Re: ICMP Type 8 Echo Request packet security concerns"
- In reply to: Owl Jolsen: "March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
- Next in thread: Charles Newman: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
- Reply: Charles Newman: "Re: March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
