Previously, I use the network from HongKong Polytechnical University (I don't know who is the ISP for HK PolyU), when I try to connect with Tor. via bridge 74.207.232.33:443, I have found its TCP handshaking works fine, but SSL handshaking is blocked (A packet for SSL client Hello is sent to 74.207.232.33, but the bridge never gives me reponse): ================================================================= 158.132.34.176 ==> 74.207.232.33 TCP eicon-server > https [SYN] Seq=0 Win=65535 Len=0 MSS=1460 74.207.232.33 ==> 158.132.34.176 TCP https > eicon-server [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460 158.132.34.176 ==> 74.207.232.33 TCP eicon-server > https [ACK] Seq=1 Ack=1 Win=65535 Len=0 158.132.34.176 ==> 74.207.232.33 SSL Client Hello 74.207.232.33 ==> 158.132.34.176 TCP https > eicon-server [ACK] Seq=1 Ack=137 Win=6432 Len=0 =================================================================
So I guess maybe the ISP messed up SSL in general? Best Regards Brent 2010/2/27 Andrew Lewman <[email protected]> > On 02/27/2010 05:08 AM, Peng Zhou wrote: > > This issue looks like caused by my ISP, when I change to another ISP, > > everything goes well :-) > > Which ISP blocked Tor? I found the "free public wifi" sponsored by the > HK government did a fine job of blocking the public tor relays, but most > bridges worked. They also seemed to mess with ssl in general, which > also made tor, https, vpns, and ssh tunnels sad. > > And running at debug loglevel seems overkill when notice level logs tell > you what's going on just fine. > > -- > Andrew Lewman > The Tor Project > pgp 0x31B0974B > > Website: https://torproject.org/ > Blog: https://blog.torproject.org/ > Identi.ca: torproject > *********************************************************************** > To unsubscribe, send an e-mail to [email protected] with > unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ >
