http://www.perlmonks.org?node_id=291429

NodeReaper has asked for the wisdom of the Perl Monks concerning the following question:

Replies are listed 'Best First'.
Re: Are our bytes safe from our isp?
by Corion (Patriarch) on Sep 14, 2003 at 19:11 UTC

    With traditional information transmission, each midpoint between the two connection endpoints sees the data transmitted through it. In the case of your ISP, it is a single midpoint through which all information is channeled, and thus it can view all data you send to the connection endpoint.

    There is of course a way to guard against this, by using an encrypted connection - with an encrypted connection, some data (the encryption/decryption keys) are not transmitted via the connection, and thus only the endpoints can reconstruct the original data, while the midpoints between the endpoints only see the encrypted stream. Encryption comes in various strengths, some can be easily attacked by a human, some can be easily attacked by simple machine algorithms, and some require heavy computation, available with custom equipment.

    So basically yes, in principle and by definition, your ISP is capable of reading every single byte you send out.

    To (partly) guard you and your tinfoil hat against this, I recommend you look into mail encryption programs like Gpg and only visit websites through https links. Also, you should not use your ISPs proxy server, as this is a very convenient place to implement logging/tracing.

    To give the whole thing a perl spin, here is a small network tracer as it could be used by your ISP to trace your traffic or by yourself to check whether all your traffic is encrypted or not:

    #!/usr/bin/perl -w use strict; use Net::PcapUtils; use NetPacket; use NetPacket::Ethernet qw(:strip); use NetPacket::IP; use NetPacket::TCP; use Data::Hexdumper; sub packet { my ($self, $header, $packet) = @_; my $ip_obj = NetPacket::IP->decode(eth_strip($packet)); my $tcp_obj = NetPacket::TCP->decode($ip_obj->{data}); print $ip_obj->{src_ip} . ":" . $tcp_obj->{src_port},"\n"; return unless $tcp_obj->{data}; print hexdump data => $tcp_obj->{data}; }; Net::PcapUtils::loop(\&packet, SNAPLEN => 32768, NUMPACKETS => -1, FIL +TER => 'ip');

    Please note that due to the nature of the TCP/IP protocol, the ISP will always know the two endpoints of every connection made. To further guard against this, you could want to have a look at http anonymizing services.

    perl -MHTTP::Daemon -MHTTP::Response -MLWP::Simple -e ' ; # The $d = new HTTP::Daemon and fork and getprint $d->url and exit;#spider ($c = $d->accept())->get_request(); $c->send_response( new #in the HTTP::Response(200,$_,$_,qq(Just another Perl hacker\n))); ' # web
Re: Are our bytes safe from our isp?
by Abigail-II (Bishop) on Sep 14, 2003 at 19:22 UTC
    And your Perl question is what exactly?

    Abigail

      thank you very much Corion for your detailed explanation! cant i somehow enctypt the text that i send so that the isp cant see it, instead he will see the encrypted stream but then in the other hand how they will decrypt my text in the other side of the connection..... for example what can i do to at least protect my irc chatting from the curious eyes of the lonely isp dude that is watching me? and also mail as well! Thanks you.

        If you are a government agnet who is trading national secrets in an irc chatroom, my suggestion to you is a trip down by Q's lab. If you are trading warez, attempting to "cyber" with various individuals, or just want to keep the ISP guys from figuring out your 1337 strategy for Everquest, Star Wars Galaxies, or online solitaire then I appreciate the good laugh.

        Anonymously yours,
        Anonymous Nun