What if I set up a P2P service that runs on port 80 and only accepts encrypted files? What if I create an encrypted tunnel through this clever device on a well-known port like SMTP or HTTP? Even ROT13 encryption would defeat this system. So you say 'ok, then scan the large files'. Well, what if said P2P service comes with a client tool to split the encrypted files into random filesizes, and deliver them in a random order. Just tack some arbitary identifier header on the file and you're good to go. You need a sophisticated IDS system to nail this type of activity, and if the data is encrypted, well, good luck. However, for those sharing on a network such as Kazaa and not encrypting data, they are easily foiled. A simple sniffer at the local POP would solve the problem. Scan the packets on the Kazaa/P2P ports, and just send the offending user a spoofed TCP RST packet. This works like a charm, and can be implemented on any small device running say linux, or even a windows workstation - the only problem is parsing the packets over the local pop. As bandwidth to each user increases this becomes harder to do -- P2P networks have a tendency to swarm and saturate a link. However, once you get over the hurdle of resetting that first 60% of users, your life becomes easy as the packet rate decreases rapidly. Reset one endpoint and all endpoints feeding him will time out. Multicast is harder to 'jam', and the best option is still to set a low TTL on the transmitter, or fix it in code so it can't be increased beyond local area distribution. If my SocketJammer interests anyone, feel free to contact me offline (yes, you can also use this to kill offensive IM clients polluting the enterprise network with packets) :) Cheers Kon > I think it would be possible for ISPs to > have a firewall at their point of access to their subscribers > that basically scans all upstream traffic aimed at the Internet > and "catches" anything that contains a Broadcast Flag Identifier ---------------------------------------------------------------------- You can UNSUBSCRIBE from the OpenDTV list in two ways: - Using the UNSUBSCRIBE command in your user configuration settings at FreeLists.org - By sending a message to: opendtv-request@xxxxxxxxxxxxx with the word unsubscribe in the subject line.