ISPs and Bit Torrent Traffic

A friend of mine just received a letter from his ISP to warn him to stop downloading copywritten materil. Apparently, it had something to do with HBO shows.

I was wondering how an ISP would know that such infomation was being downloaded through the network. Woudn't monitor traffic require a great deal of hardware and processing power? Can the ISPs look far enough into the traffic stream that they can tell exactly what is being downloaded.

How do the ISPs identify this traffic?

You can filter traffic by the protocols used using sniffers. Even higher level protocols. I've seen sniffers that decode HTTP/HTML and can parse a full conversation and decode it back to HTML and views it as a web page!!. Most probably the same thing can be done for the bit torrent protocols.

But, I agree with you that it would require powerfull machines to do that on a large scale for all subscribers on an ISP. Hmmm, Does Websence do that ? not sure... :roll:

I wonder if his ISP got nudged by the RIAA and then moved the pressure onto him?

Well, I know he wans't downloading a million shows. I was just curious if anyone knew/understood how the ISPs read the traffic on a large scale.

How can the ISP tell what he is downloading because I use Bit Torrent to download Linux Distos. Do ISPs really take the time to inspect all traffic?

I think Dalight's theory is the most plausible. It isn't in an ISPs interest to start threatening their own customers; they'll be happy enough just to take your money and let you use the service unless somebody else rattles their cage. Having said that, once the cage is rattled they can (and probably will) point the limited tracking resources they have at the few earmarked customers, as much for their own protection as to help out whoever is complaining

Bishop,

I agree on that point. I was wondering more about the actually technical details. For instance, could I do it in a lab and reconstruct the packets to see what I was downloading? How do they do it?