How to bypass your ISPs speed throttling of your Usenet connection

// 2nd Mar '10 How to bypass your ISPs speed throttling of your Usenet connection

Are you getting 3kb/s down via Usenet when you know the connection you're on is capable of much more? Does this sound like the start of an infomercial? Why yes it does but chances are you're being throttled and we found ourselves in that very position last week while trying to download the completely legal Supreme Commander 2 demo. Why download off some slow-arse gaming site HTTP server when you can max out your connection on Usenet right?

Wrong. O2 Broadband in the UK have recently started throttling access to Usenet on their Access package; this is their package for users who are not using a telephone exchange that has been LLU'd (Local Loop Unbundled) by O2 themselves and therefore have to rely on the BT backbone for bandwidth.

It is understandable why they should need to throttle a connection, what is not understandable is that they should pick on a specific protocol; this completely goes against net neutrality and is divisive to the whole operation of the internet. Comcast in the US recently settled a class action lawsuit against them for $16 million; the cause of the case? They throttled Bit-torrent and other P2P services without informing their customers while still advertising the same speeds across their network. This shouldn't be happening and therefore we shall work our way around it:

The Problem

Most Usenet connections take place via the same two TCP/IP ports

If you think about it for a second: an ISP cannot throttle specific types of traffic if they cannot distinguish those types of traffic from other forms such as web, email and gaming. They can distinguish via a number of methods, the three main ones being port-based detection; Stateful Packet Inspection (SPI) and Deep Packet Inspection (DPI). Today we'll be defeating port-based detection and SPI; thankfully DPI requires very expensive hardware and isn't in wide use by ISPs yet so that's a story for another day.

Usenet utilises the NNTP protocol and therefore has two main ports associated with it: port 119 for normal traffic, and port 563 for encrypted traffic. Obviously if you're sending stuff via these ports, whether it's encrypted or not, your ISP will easily be able to throttle the traffic going through those ports alone and therefore you'll end up with a connection dribbling bits rather than Megabits.

SPI relies on checking on checking the individual packet headers (the start bits of each data "envelope" you send) to find out what protocol the data belongs to. How could you possibly go about hiding this I hear you ask?! Piece of piss: read on.

The Solution

Answer: Use a provider that allows encrypted connection via non-standard ports

And there we have it; it's as simple as that. The encryption solves the ISPs snooping into your packets using SPI and the fact you're using a different port makes it harder to detect what protocol the traffic actually is; this is made ever harder when you deliberately use a common port for a popular protocol - for example Port 80 which handles HTTP (web browsing) traffic or Port 443 which handles secure browsing (HTTPS) traffic. Sometimes this is enough alone even without encryption.

Here's a handy list of providers that offer these services:

  • EasyNews - Probably the best support for this: 21, 22, 23, 25, 53, 80, 110, 443, 8000 and 8080. All available for connection via SSL.
  • Newshosting - on NHXL you get access to 23, 25, 80 & 3128 normal and 443 encrypted. Other packages offer similar ports, check Support > Server Information.
  • Newsdemon - Depends on the server but you can connect to any of them so: 19, 23, 25, 80, 81, 443 and 8080
  • Giganews - Jade to Platinum offer 80 and 23 with no SSL. Diamond offers SSL plus the use of port 443.
  • Supernews - Port 23 and port 80 for non SSL. 443 for SSL.

As we said, last week we used this exact process to get past the throttling on O2 Broadbands' Access package; we simply used Port 80 to Giganews - didn't even have to encrypt it and the speeds jumped from 3kb/s to 8000kb/s on an 8mbit line. It also has worked in the past for escaping nasty university and college firewalled networks, keep that in mind and post your results below!

djm posted by djm
This entry was posted in Tutorials & How-to Guides and tagged isps, throttling. Leave a comment. Header image by Mr T in DC

6 Comments

  1. Ian
    Posted Apr 28th, 2010 at 15:04 p.m.

    I was having the same problem using usenext on o2 broadband. Was getting 0.5kbs all the time. After reading this switched it to SSL and my speed has jumped to a full 8mb :)

    | Link to comment
  2. Posted Apr 29th, 2010 at 19:04 p.m.

    Glad it helped mate. Same theory applies to other ISPs such as TalkTalk, Orange etc so spread the good word!

    | Link to comment
  3. Posted May 20th, 2010 at 17:05 p.m.

    You left off Astraweb. Their prices are excellent, I've always been able to max out 100mb connection and they support SSL. They also offer connectivity over HTTP and HTTPS ports.

    | Link to comment
  4. Paul
    Posted Oct 7th, 2010 at 18:10 p.m.

    Great tip, I have recently gone back to usenet after all the paranoia surrounding bitorrent, and my ISP is O2 Access, and was 1.7k/sec. Not now!

    | Link to comment
  5. Martin
    Posted Apr 13th, 2011 at 21:04 p.m.

    Thats great but how do I do this? What are the steps to doing what you are saying? How do I switch to Port 80? I have MacOS. I am trying to use easynews using Plusnet and they throttle it to death.

    | Link to comment
  6. newbie
    Posted Feb 22nd, 2012 at 21:02 p.m.

    hy everybody i am a newbie here, the problem is that i hardly understand the geeky langauge, so how can i bypass this throttling thing in plain langauge.

    | Link to comment

Comments are now closed.