Global Proof

zis

Since yesterday i got a new connection from the cable guy where i live. It's a 256k unlimited traffic unlimited sessions connection at 50$/month.

The connection is through global proof and uses PPPoE. The guy said the connection is legal... But he wasn't so sure abt it..

Do you know anything abt the GlobalProof connections?

The equivalent IDM connection would be the corporate broadband at 110$/month.. Its a huge difference for the same service.. well with idm you got a real ip.. but that's abt it..

PS: Till now, the connection works fine.

samer

how much from the 256k are you actually getting on peak (and off-peak) hours? is bittorrent good? how about p2p?

zis

On peak i'm downloading at 20kb/s off peak im at ~35.. Bittorent is good. but not great, there's a badly configured router somewhere on the connection that's fucking things up abit.. but it ain't bad.. i'm downloading at 10 15k.. With Emule i always have a low id.. so the connection ain't great. LimeWire works fine..

mahdoum

interesting, btw I heard a new wireless internet is coming to Leb, connection through sim card I think.....

battikh

is'nt that gprs?

zis

unless its utms.. but i doubt they'll invest the millions necessary to upgrade the network. WiMax could be interesting though..

recon1025

Global proof is Wifi based. They use PPPoE for the authentication, the passwords of other users maybe sniffed over the line or at the time i was able to sniff other users username/password and service-discovery packets. Bottom line is this, their Access points use WEP encryption, that means insecure.. I wouldn't use their service even if i was paid to! Having your emails, chats and so forth sniffed over the line due to an insecure network = priceless. Get a real isp imo.

nuclearcat

First of all if you setup on your PC CHAP only authentication, nobody can sniff your password. Keypoint - to disable PAP in Windows PPPoE connection settings. It is also related to dialup and PPTP as well, i was intercepting dialup passwords before, by installing my "blackbox" in line, and imitating dialtone. My modem was answering, and voila.

About access points. It is not GlobalProof network, it is reseller network.

About traffic. Well. Any network is insecure, if you didnt know that. Even fiberoptic line can be intercepted (with expensive equipment). If you have some very secret information, use SSL, or VPN somewhere to hosting in europe let's say.

And last words... cause connection done in "simple" way, it is cheaper than dedicated installation. Still you can secure yourself, better than ISP. Sure if you want more safety, prepare "bucks" for more professional dedicated connection.

At VISP i can provide (not for free) openvpn connection, with powerful encryption. Also available PPTP with MPPE, and for corporate - IPSEC.

teodorgeorgiev

Recon, I will speak in points:

1. Learn what the abbreviation "Wi-Fi" means.

2. Security costs money. 802.1x enabled switches (read google on what 802.1x is) cost money.
If you pay for security and quality - you will get it. Everyone who asked us for assistance in security has
got it.

3. Of course we can run even 256bit IPSEC encryption and then 50% of the user bandwidth will go
for encryption. And then for 256Kbps you will get about 20KB/s max... ...

4. A pennyless crook like you does not have the right to say which ISP is real and which not.
I can hack my ISP here as well, but I am not doing it. I am just paying my 20 eur and that is.
Just because my parents gave me proper education and dedicated lot of time on me.

5. GlobalProof network is secure. The insecure part is the link between the reseller and the customer.
Reseller decide what kind of equipment to use. We can suggest, but only suggest. If they want to spend
money on STP/FTP, 802.1x enabled switches with VLAN, port security, storm control and etc - good, if not - bad. If GP network was insecure in general, you would have the root/admin passwords for our routers and
servers long time ago. But what you have is just empty pockets and empty head - a useless "gain".

6. I bet that GP network is at least 3 times more secure than your network :)
If you have the guts (and a network), we can make a public contest ;)

7. Yet GP is not a real ISP - you will imagine how many customers use the services with satisfaction.
You also could be seen on the gaming network :)

8. You have the right to criticize "a thing" created by someone, only if you have created something.
What you have created and what is your contribution to the network in Lebanon?
If all the ISP stop working on their network and do stealing and cheating like you, you would not have the chance to write these words on the Internet :)

But, thanks God, there are clever people who know that more important is to create, than to destroy.

I can name you at least 10 famous creators - Thomas Edisson, John Atanassov, Niels Bor, Linus Torvalds,
Albert Einstein, Popov, John Watt... ... ...

Now, you name me 10 famous loosers :)

zis

recon1025 wroteGlobal proof is Wifi based. They use PPPoE for the authentication, the passwords of other users maybe sniffed over the line or at the time i was able to sniff other users username/password and service-discovery packets. Bottom line is this, their Access points use WEP encryption, that means insecure.. I wouldn't use their service even if i was paid to! Having your emails, chats and so forth sniffed over the line due to an insecure network = priceless. Get a real isp imo.

WiFi based????? WTF does that mean? As far as i know most DSL providers in the world use PPPoE.. What access points are you talking about? WEP passwords can be sniffed.. but where is WEP used?

zis

I noticed a very high latancy on the network.. so i did a traceroute.. the number of nodes is extreemly high.. there are some i can't sort out.. perhpas someone can help me with them..

For Google.com
The first two ips 22.136 and 22.1 are my comp. and my router.. the rest well.. dunno. but there are many routers on the roofs of the buildings to reach the cable guy..
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
| Hop | %Loss | IP Address | Node Name | Location | Tzone | ms | Graph | Network |
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
| 0 | | 192.168.22.136 | - | * | | | | (private use) |
| 1 | | 192.168.22.1 | - | ... | | 0 | x | (private use) |
| 2 | | 172.16.10.1 | - | ... | | 6 | x | (private use) |
| 3 | | 194.146.155.1 | rev-155-1.globalproof.net | ?(Lebanon) | +02:00 | 7 | x | GlobalProof s.a.r.l |
| 4 | | 192.168.70.1 | - | ... | | 17 | x | (private use) |
| 5 | | 10.49.41.1 | - | ... | | 10 | x | (private use) |
| 6 | | 10.22.22.2 | - | ... | | 18 | x | (private use) |
| 7 | | 192.168.77.1 | - | ... | | 19 | x | (private use) |
| 8 | | 10.0.2.1 | - | ... | | 16 | x | (private use) |
| 9 | | 192.168.20.8 | - | ... | | 21 | x | (private use) |
| 10 | | 192.168.20.160 | - | ... | | 23 | x | (private use) |
| 11 | 100 | ?217.194.129.101 | - | | | | | SkyVision management networks |
| 12 | 100 | ?217.194.129.97 | - | | | | | SkyVision management networks |
| 13 | 100 | ?217.194.128.34 | GW1-FRA-DE.sky-vision.net | | | | | SkyVision management networks |
| 14 | | 213.198.77.157 | ge-2-4.r01.frnkge03.de.bb.gin.ntt.net | Frankfurt, Germany | +01:00 | 423 | x- | VERIO DE frankfurt facility |
| 15 | | 129.250.9.58 | ge-0.teleglobe.frnkge03.de.bb.gin.ntt.net | Frankfurt, Germany | +01:00 | 431 | -x | NTT America, Inc. NTTA-129-250 |
| 16 | | 80.231.64.26 | if-5-1.core1.PG1-Paris.teleglobe.net | Paris, France | +01:00 | 469 | x-- | Internal use for Teleglobe's Backbone |
| 17 | | 80.231.72.114 | if-10-0.core2.NTO-NewYork.teleglobe.net | New York, NY, USA | -05:00 | 536 | -x | Internal use for Teleglobe's Backbone |
| 18 | | 66.110.14.21 | if-3-0.core2.CT8-Chicago.teleglobe.net | Chicago, IL, USA | -06:00 | 590 | x-- | Teleglobe Inc. TELEGLOBE-2BLK |
| 19 | 100 | ?66.110.14.178 | if-5-0.core1.CT8-Chicago.teleglobe.net | | | | | Teleglobe Inc. TELEGLOBE-2BLK |
| 20 | 10 | 66.110.27.86 | ix-1-1.core1.CT8-Chicago.teleglobe.net | Chicago, IL, USA | -06:00 | 569 | x-- | Teleglobe Inc. TELEGLOBE-2BLK |
| 21 | | 216.239.46.1 | - | ?Mountain View, CA | | 547 | -x--- | Google Inc. GOOGLE |
| 22 | | 66.249.94.133 | - | ?Mountain View, CA | | 556 | -x- | Google Inc. GOOGLE |
| 23 | 10 | 64.233.175.42 | - | ?Mountain View, CA | | 565 | x-- | Google Inc. GOOGLE |
| 24 | | 64.233.167.99 | google.com | ?Mountain View, CA | | 548 | -x- | Google Inc. GOOGLE |
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Roundtrip time to google.com, average = 548ms, min = 506ms, max = 599ms -- 29-Sep-06 2:20:26 AM

For IDM

--------------------------------------------------------------------------------------------------------------------------------------------------------------
| Hop | %Loss | IP Address | Node Name | Location | Tzone | ms | Graph | Network |
--------------------------------------------------------------------------------------------------------------------------------------------------------------
| 0 | | 192.168.22.136 | - | * | | | | (private use) |
| 1 | | 192.168.22.1 | - | ... | | 0 | x | (private use) |
| 2 | | 172.16.10.1 | - | ... | | 18 | x- | (private use) |
| 3 | | 194.146.155.1 | rev-155-1.globalproof.net | ?(Lebanon) | +02:00 | 31 | x- | GlobalProof s.a.r.l |
| 4 | | 192.168.70.1 | - | ... | | 15 | x | (private use) |
| 5 | | 10.49.41.1 | - | ... | | 23 | x- | (private use) |
| 6 | | 10.22.22.2 | - | ... | | 25 | x- | (private use) |
| 7 | | 192.168.77.1 | - | ... | | 50 | x- | (private use) |
| 8 | | 10.0.2.1 | - | ... | | 33 | x- | (private use) |
| 9 | | 192.168.20.8 | - | ... | | 14 | x | (private use) |
| 10 | | 192.168.20.160 | - | ... | | 16 | x | (private use) |
| 11 | 100 | ?217.194.129.101 | - | | | | | SkyVision management networks |
| 12 | 100 | ?217.194.129.97 | - | | | | | SkyVision management networks |
| 13 | 100 | ?217.194.128.34 | GW1-FRA-DE.sky-vision.net | | | | | SkyVision management networks |
| 14 | | 213.198.77.157 | ge-2-4.r01.frnkge03.de.bb.gin.ntt.net | Frankfurt, Germany | +01:00 | 478 | -x-- | VERIO DE frankfurt facility |
| 15 | | 129.250.2.12 | xe-1-1-0.r21.frnkge03.de.bb.gin.ntt.net | Frankfurt, Germany | +01:00 | 444 | x | NTT America, Inc. NTTA-129-250 |
| 16 | | 80.81.192.50 | cr02.frf02.pccwbtn.net | Frankfurt, Germany | +01:00 | 449 | -x- | DE-CIX Frankfurt IXP |
| 17 | | 194.126.20.115 | - | ?(Lebanon) | +02:00 | 683 | -x- | Opus Libani |
| 18 | | 193.227.162.239 | - | ?(Lebanon) | +02:00 | 622 | x- | IncoNet-Data Management s.a.l. |
| 19 | | 193.188.135.16 | idm.net.lb | ?Beirut, Lebanon | +02:00 | 675 | -x | IncoNet sal |
--------------------------------------------------------------------------------------------------------------------------------------------------------------
Roundtrip time to idm.net.lb, average = 675ms, min = 650ms, max = 706ms -- 29-Sep-06 2:23:09 AM

zis

sorry the tables are fucked up.. i'll try to rearrange them..

nuclearcat

zis -
www.idm.net.lb, and idm.net.lb as well located not in lebanon. it is hosting in greece

600-700ms - normal latency for sat links

Local hops can be hidden, but they are leaved open (most) to be able to do proper diagnostic on problems, from customer side. Other lebanese ISP's(not all of them) closing traceroute/ping/etc at all, as i know.

teodorgeorgiev

Another two issues one could mention:

1. Lebanese ISP do not have local interconnection between them. Ask Ogero and the MPT - WHY?
If they answer, or even if they do not - ask yourself WHY (these people control my country).

2. The international capacity of Ogero is overcrowded. If you ask them now for additional capacity - they will refuse.
And will ask you to wait (until the dead come back to the Earth). And then you have to ask your customers to wait (...)

I forgot to tell that they do not refuse to all the ISPs - some politically backed ISPs have no problem getting capacity from Ogero.

But what else one could to expect from "tea serving" individuals :)

(The above post is 100% my own opinion as an standalone person).

zis

teodorgeorgiev,

We are all aware of the political situtation, the stubborness of our administration and the weakness of our international link.. no need to repeat it in every post.. Let's try to find the best ways to bypass these limitations

nuclearcat,

I worked at IDM for 3 months a couple of years back, back then they had all their sites and their customer sites hosted in the Borj el Ghazel Datacenter.. Dunno if it changed now.

For the latency, i usually get arount 2000-3000 ms. It's particularly slow on the nodes with (private use).. Here i guess it's faster because the traceroute was done at 2 am..

After doing many traceroutes, it seems all the connections are routed to the Frankfurt node then continue their way... dunno if it is linked to the RIPE db that is based in frankfurt..

rolf

teodorgeorgiev wrote1. Lebanese ISP do not have local interconnection between them. Ask Ogero and the MPT - WHY?
If they answer, or even if they do not - ask yourself WHY (these people control my country).

I thought they had one for a couple of years now.

nuclearcat

2000-3000ms i think it is local links, because NEVER it must reach such numbers.
can u do trace at that time?

Dark_angel

Hey zis,

Does your ISP covers Hazmieh?

recon1025

teodorgeorgiev wroteRecon, I will speak in points:

1. Learn what the abbreviation "Wi-Fi" means.

2. Security costs money. 802.1x enabled switches (read google on what 802.1x is) cost money.
If you pay for security and quality - you will get it. Everyone who asked us for assistance in security has
got it.

3. Of course we can run even 256bit IPSEC encryption and then 50% of the user bandwidth will go
for encryption. And then for 256Kbps you will get about 20KB/s max... ...

4. A pennyless crook like you does not have the right to say which ISP is real and which not.
I can hack my ISP here as well, but I am not doing it. I am just paying my 20 eur and that is.
Just because my parents gave me proper education and dedicated lot of time on me.

5. GlobalProof network is secure. The insecure part is the link between the reseller and the customer.
Reseller decide what kind of equipment to use. We can suggest, but only suggest. If they want to spend
money on STP/FTP, 802.1x enabled switches with VLAN, port security, storm control and etc - good, if not - bad. If GP network was insecure in general, you would have the root/admin passwords for our routers and
servers long time ago. But what you have is just empty pockets and empty head - a useless "gain".

6. I bet that GP network is at least 3 times more secure than your network :)
If you have the guts (and a network), we can make a public contest ;)

7. Yet GP is not a real ISP - you will imagine how many customers use the services with satisfaction.
You also could be seen on the gaming network :)

8. You have the right to criticize "a thing" created by someone, only if you have created something.
What you have created and what is your contribution to the network in Lebanon?
If all the ISP stop working on their network and do stealing and cheating like you, you would not have the chance to write these words on the Internet :)

But, thanks God, there are clever people who know that more important is to create, than to destroy.

I can name you at least 10 famous creators - Thomas Edisson, John Atanassov, Niels Bor, Linus Torvalds,
Albert Einstein, Popov, John Watt... ... ...

Now, you name me 10 famous loosers :)

1.) Quit crying patrick.
2.) Learn English you french-wannabe panzy.
3.) You claim to be such a talented network adminstrator yet everytime you are faced with a problem with your router, you're flooding the forums over at StarOS begging for their technical personnel to login remotely and fix it for you!

Username: PatOS
Forum: http://forums.star-os.com/

Notice in his posts, he provides root access username and password for the world to see. It's the only way for the technical personnel to login and fix his problem since he's incompetent to do it himself. Guess you haven't heard of encryption after all ...

Here's a snapshot of all his forum posts: http://forums.star-os.com/search.php?searchid=115357
Feel free to read and see why this fool is so arrogant, he has someone doing the job for him while he takes credit for it.

Mess with the best, get OWNED like the rest. -modified from hackers :o) (hugs and kisses)

recon1025

zis wrote
recon1025 wroteGlobal proof is Wifi based. They use PPPoE for the authentication, the passwords of other users maybe sniffed over the line or at the time i was able to sniff other users username/password and service-discovery packets. Bottom line is this, their Access points use WEP encryption, that means insecure.. I wouldn't use their service even if i was paid to! Having your emails, chats and so forth sniffed over the line due to an insecure network = priceless. Get a real isp imo.
WiFi based????? WTF does that mean? As far as i know most DSL providers in the world use PPPoE.. What access points are you talking about? WEP passwords can be sniffed.. but where is WEP used?

PPPOE was originally developed for the xDSL solution, point to point over an ethernet wire. However in the case of globalproof this ethernet wire u got running down form the roof is connected to an access point which operates through "radio frequency it's refered to as wifi which is an IEEE standard known as 802.11x and for those who claim to be educated but yet need others to login their system to fix their problem, it's it's 802.11B however, since the frequency it operates on is 2.4ghz is illegal to begin with and already being used by military, cordless phones, microwaves, bluetooth and so forth... It's not an effective solution not latency wise. The PPOE is used to send the username, password and "service name" all can be intercepted, even if u use chap it is easy to decrypt, after all there are different versions. Heard of kerberos? Secondly IDM's 256K broadband for 110 is not corporate, the SOHO is. IDM, Cyberia, Terranet and sodetel all provide their "last mile" through GDS equipment which operates on the 3.5ghz. 3.5 ghz doesnt have any interference on it, it was under interference during the war, the Israeli war ships were jamming the signal. 2.4 ghz frequency for lebanon or I should say heavily populated cities in lebanon is not an effective solution. Any educated person that takes cordless phone operating on the same frequency along with the military into consideration would realize that. If your brain doesnt get it yet, im refering to the end-user to local provider route.