Comcast Forging Packets To Filter Torrents using RST Packets
2069 views 
Over the past weeks more and more Comcast users started to notice that their BitTorrent transfers were cut off. Most users report a significant decrease in download speeds, and even worse, they are unable to seed their downloads. A nightmare for people who want to keep up a positive ratio at private trackers and for the speed of BitTorrent transfers in general.
ISPs have been throttling BitTorrent traffic for almost two years now. Most ISPs simply limit the available bandwidth for BitTorrent traffic, but Comcast takes it one step further, and prevents their customers from seeding. And Comcast is not alone in this, Canadian ISPs Cogeco and Rogers use similar methods on a smaller scale.
Unfortunately, these more aggressive throttling methods can’t be circumvented by simply enabling encryption in your BitTorrent client. It is reported that Comcast is using an application from Sandvine to throttle BitTorrent traffic. Sandvine breaks every (seed) connection with new peers after a few seconds if it’s not a Comcast user. This makes it virtually impossible to seed a file, especially in small swarms without any Comcast users. Some users report that they can still connect to a few peers, but most of the Comcast customers see a significant drop in their upload speed.
The throttling works like this: A few seconds after you connect to someone in the swarm the Sandvine application sends a peer reset message (RST flag) and the upload immediately stops. Most vulnerable are users in a relatively small swarm where you only have a couple of peers you can upload the file to. Only seeding seems to be prevented, most users are able to upload to others while the download is still going, but once the download is finished, the upload speed drops to 0. Some users also report a significant drop in their download speeds, but this seems to be less widespread. Worse on private trackers, likely that this is because of the smaller swarm size.
How to bypass comcast filters
I dont have much knowledge of Bittorrent protocol, but cant we devise a way to detect that ISP is blocking the client from SEED'ing.
For example, When the bittorrent client starts up - it sends SEED packets to (lets say) 10 randomly different IP's. Now, if you recieve RST packets for most of those 10 packets then probably your ISP is blocking from bittorrent SEEDING.
If your ISP is sending RST packets, then what will happen if you start ignoring those ?
I believe the connection will remain open for some time based upon your OS ( or this can be set in the client itself ) and then automatically closed as no data was transferred ?
My god people, it's just a bit, MASK IT OFF!
ISPs attack and you can't figure out how to mask off a bit?
OK, so you only want that to happen when you are running bittorrent, the rest of the time you want it normal, so make it happen! Make a switch, make a file that has a 1 or 0 in it to tell your TCP stack what you want it to do. Have a script monitor for bittorrent running and flip the bit.
What? Your lame OS doesn't let you change the TCP stack? Shame on you! It's 2008! Get a real OS that can respond to attacks like this in a short period of time.
OK, never mind, wait for your OS provider to come up with a solution in a year or two, it will be in "service pack 20,000" soon, just wait OK?
Post new comment