Re: [liberationtech] Verification of censorship resistance

2016-11-18 Thread Philipp Winter 
On Fri, Nov 18, 2016 at 11:04:48AM -0500, Richard Brooks wrote:
> analysis. Does anyone have write ups on what national
> firewalls are using to filter traffic?
> 
> There are the obvious DNS names, IP addresses, port numbers
> and keywords in the traffic content.
> 
> What other header fields may be inspected?




At least the Great Firewall of China is known to have used TLS headers
as distinguishers:

-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Verification of censorship resistance

2016-11-18 Thread Nick Skelsey 
Hi Richard,

The OONI project [1] (Open Observatory of Network Interference)
produces country by country breakdowns of the types of censorship
techniques occurring.

[1]: https://ooni.torproject.org/

The project has a set of tests which attempt to determine exactly how
content is getting blocked and how connections are dropped. This is
probably your best bet at finding up to date filtering from empirical
data.

There are other resources out there. If you find some good ones, please share.

Good Luck!
- NS

On Fri, Nov 18, 2016 at 5:04 PM, Richard Brooks  wrote:
> Am doing a prototype tool for avoiding network traffic
> analysis. Does anyone have write ups on what national
> firewalls are using to filter traffic?
>
> There are the obvious DNS names, IP addresses, port numbers
> and keywords in the traffic content.
>
> What other header fields may be inspected?
>
> If anyone had tech reports they could point me to, it
> would be useful.
>
> I want to subject our prototype to as thorough an analysis
> as possible.
>
> Thanks,
>
> -Richard
> --
> Liberationtech is public & archives are searchable on Google. Violations of 
> list guidelines will get you moderated: 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
> change to digest, or change password by emailing moderator at 
> compa...@stanford.edu.
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Verification of censorship resistance

2016-11-18 Thread Richard Brooks 
Am doing a prototype tool for avoiding network traffic
analysis. Does anyone have write ups on what national
firewalls are using to filter traffic?

There are the obvious DNS names, IP addresses, port numbers
and keywords in the traffic content.

What other header fields may be inspected?

If anyone had tech reports they could point me to, it
would be useful.

I want to subject our prototype to as thorough an analysis
as possible.

Thanks,

-Richard
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.