::: interestingly i was talking yesterday about this with a friend. He was using openvpn via tcp and he realized that after a while - using the tunnel for 3-4 hours - the bandwidth was shaped and if he restarted the tunnel everything was fine again for 3-4 hours. So he was guessing that the ISP is monitoring the open tcp connections and if there's one open for a longer time they are shaping it - since there's no way that they could see what's the content of the tunnel. Now he switched to udp tunneling, and at the moment this solved the problem.
::: so maybe it is not enough to hide your data by pretending that it is a different - 'usual' - protocol, you have to 'fragment' it as well. regards viktor On Sep 19, 2007, at 11:04 PM, Michael Rogers wrote: > Charles Iliya Krempeaux wrote: >> Maybe people should be hiding things out in the open. Like, make it >> look like normal (unencrypted) HTTP, SMTP, or POP3 traffic (or >> something >> pretty common like those)... and hide the data in the data stream. > > It would be interesting to know how they're detecting encrypted > traffic > - measuring redundancy, as in the recent Skype paper, or just > throttling > anything that's not a recognised plaintext protocol? If the former, > how > much redundancy do you have to add to get round the filter? If the > latter, can you just tack "GET / HTTP/1.0" to the beginning of every > connection? > > Cheers, > Michael > _______________________________________________ > p2p-hackers mailing list > [email protected] > http://lists.zooko.com/mailman/listinfo/p2p-hackers _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
