On Thu, Aug 31, 2006 at 01:12:53PM -0500, GeckoX wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> I was in China last year. I was able to create a VPN connection in the US
> with no problem. Most of the web didn't work, even SSL. SSH was completely
> blocked as well, which is why I w
Meh...depends where you're at. It's not one giant firewallit's a
regional thing. Beijing must just have high security. Seems odd that
they'd block out SSHbut I suppose SSH is a good way to hide what
you're doing.
On 9/1/06, Matthew Toseland wrote:
> On Thu, Aug 31, 2006 at 01:12:53PM -050
Meh...depends where you're at. It's not one giant firewallit's a
regional thing. Beijing must just have high security. Seems odd that
they'd block out SSHbut I suppose SSH is a good way to hide what
you're doing.
On 9/1/06, Matthew Toseland <[EMAIL PROTECTED]> wrote:
On Thu, Aug 31, 2006
On Thu, Aug 31, 2006 at 01:12:53PM -0500, GeckoX wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> I was in China last year. I was able to create a VPN connection in the US
> with no problem. Most of the web didn't work, even SSL. SSH was completely
> blocked as well, which is why I w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I was in China last year. I was able to create a VPN connection in the US with
no problem. Most of the web didn't work, even SSL. SSH was completely blocked
as well, which is why I was surprised that I could connect via VPN with no
problems. This wa
Matthew Toseland wrote:
> It's unnecessary anyway because it only applies to TCP. It does however
> tell us something very interesting and useful: The firewall is stateless !!
heh, it would be damn expensive to do that in a stateful way.
let's see:
>1. Timing.
>2. Packet size.
>3. It's not a kno
On 08/31, Matthew Toseland wrote:
> > > Have you thought about that ignoring reset packets thing that was
> > > shown to make it possible to bypass The Great Firewall? I mean, I
> > > don't know too much about it, or if it'd be possible for
> > > freenetbut it might be worth looking in to.
> >
On Thu, Aug 31, 2006 at 06:01:45PM +0400, Roman V. Isaev wrote:
> On 08/31, Matthew Toseland wrote:
> > > > Have you thought about that ignoring reset packets thing that was
> > > > shown to make it possible to bypass The Great Firewall? I mean, I
> > > > don't know too much about it, or if it'd be
On Wed, Aug 30, 2006 at 11:52:23PM +0200, David 'Bombe' Roden wrote:
> On Wednesday 30 August 2006 23:47, urza9814 at gmail.com wrote:
>
> > Have you thought about that ignoring reset packets thing that was
> > shown to make it possible to bypass The Great Firewall? I mean, I
> > don't know too mu
Hundreds of projects? Such as? None of them comes anywhere near to our
techology; most of them are either easily harvestable and blockable
proxy networks, or WASTE clones.
On Wed, Aug 30, 2006 at 05:47:43PM -0400, urza9814 at gmail.com wrote:
> Have you thought about that ignoring reset packets th
0.7 has no predictable or repeated bytes whatsoever. It can probably be
identified by several more expensive, less reliable techiques at present:
1. Timing.
2. Packet size.
3. It's not a known protocol, therefore it must be bad.
4. Flow analysis.
On Wed, Aug 30, 2006 at 10:35:32PM +0200, inverse w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I was in China last year. I was able to create a VPN connection in the US with
no problem. Most of the web didn't work, even SSL. SSH was completely blocked
as well, which is why I was surprised that I could connect via VPN with no
problems. This wa
Matthew Toseland wrote:
It's unnecessary anyway because it only applies to TCP. It does however
tell us something very interesting and useful: The firewall is stateless !!
heh, it would be damn expensive to do that in a stateful way.
let's see:
1. Timing.
2. Packet size.
3. It's not a known
On Thu, Aug 31, 2006 at 06:01:45PM +0400, Roman V. Isaev wrote:
> On 08/31, Matthew Toseland wrote:
> > > > Have you thought about that ignoring reset packets thing that was
> > > > shown to make it possible to bypass The Great Firewall? I mean, I
> > > > don't know too much about it, or if it'd be
On 08/31, Matthew Toseland wrote:
> > > Have you thought about that ignoring reset packets thing that was
> > > shown to make it possible to bypass The Great Firewall? I mean, I
> > > don't know too much about it, or if it'd be possible for
> > > freenetbut it might be worth looking in to.
> >
On Wed, Aug 30, 2006 at 11:52:23PM +0200, David 'Bombe' Roden wrote:
> On Wednesday 30 August 2006 23:47, [EMAIL PROTECTED] wrote:
>
> > Have you thought about that ignoring reset packets thing that was
> > shown to make it possible to bypass The Great Firewall? I mean, I
> > don't know too much a
Hundreds of projects? Such as? None of them comes anywhere near to our
techology; most of them are either easily harvestable and blockable
proxy networks, or WASTE clones.
On Wed, Aug 30, 2006 at 05:47:43PM -0400, [EMAIL PROTECTED] wrote:
> Have you thought about that ignoring reset packets thing
0.7 has no predictable or repeated bytes whatsoever. It can probably be
identified by several more expensive, less reliable techiques at present:
1. Timing.
2. Packet size.
3. It's not a known protocol, therefore it must be bad.
4. Flow analysis.
On Wed, Aug 30, 2006 at 10:35:32PM +0200, inverse w
urza9814 at gmail.com wrote:
> Have you thought about that ignoring reset packets thing that was
> shown to make it possible to bypass The Great Firewall? I mean, I
> don't know too much about it, or if it'd be possible for
> freenetbut it might be worth looking in to.
it's possible to do it,
David 'Bombe' Roden wrote:
> Communication between 0.7 nodes doesn't have to exchange public keys,
> those are already known as they are contained in the node reference.
nice!
I definitely need to install 0.7 and capture some packets for testing
On Wednesday 30 August 2006 23:47, urza9814 at gmail.com wrote:
> Have you thought about that ignoring reset packets thing that was
> shown to make it possible to bypass The Great Firewall? I mean, I
> don't know too much about it, or if it'd be possible for
> freenetbut it might be worth look
On Wednesday 30 August 2006 22:35, inverse wrote:
> beyond harvesting the connected IP addresses to raid their owner's
> homes, one big concern with encrypted protocols is that they can be
> filtered out by application-level scanning firewalls. I think this is
> exactly what's happening in China.
Matthew Toseland wrote:
> Well on the most trivial level, 0.5 doesn't work in china.
>
yo,
beyond harvesting the connected IP addresses to raid their owner's
homes, one big concern with encrypted protocols is that they can be
filtered out by application-level scanning firewalls. I think this
It wasn't safe enough, though, I suppose.
On 30 Aug 2006 03:27:04 -, Crash at remailer-debian.panta-rhei.eu.org <
Crash at remailer-debian.panta-rhei.eu.org> wrote:
>
> On Tue, 29 Aug 2006 22:01:06 +0100, you wrote:
> >
> > Freenet 0.5 had opennet, and yet it was a failure.
> >
>
> Ok, I gotta
Well on the most trivial level, 0.5 doesn't work in china.
On Wed, Aug 30, 2006 at 08:51:32PM +0200, Ortwin Regel wrote:
> It wasn't safe enough, though, I suppose.
>
> On 30 Aug 2006 03:27:04 -, Crash at remailer-debian.panta-rhei.eu.org <
> Crash at remailer-debian.panta-rhei.eu.org> wrote:
Have you thought about that ignoring reset packets thing that was
shown to make it possible to bypass The Great Firewall? I mean, I
don't know too much about it, or if it'd be possible for
freenetbut it might be worth looking in to.
Also just wanna add that I fully support the desire to help g
[EMAIL PROTECTED] wrote:
Have you thought about that ignoring reset packets thing that was
shown to make it possible to bypass The Great Firewall? I mean, I
don't know too much about it, or if it'd be possible for
freenetbut it might be worth looking in to.
it's possible to do it, but only
David 'Bombe' Roden wrote:
Communication between 0.7 nodes doesn't have to exchange public keys,
those are already known as they are contained in the node reference.
nice!
I definitely need to install 0.7 and capture some packets for testing
___
Sup
On Wednesday 30 August 2006 23:47, [EMAIL PROTECTED] wrote:
> Have you thought about that ignoring reset packets thing that was
> shown to make it possible to bypass The Great Firewall? I mean, I
> don't know too much about it, or if it'd be possible for
> freenetbut it might be worth looking
Have you thought about that ignoring reset packets thing that was
shown to make it possible to bypass The Great Firewall? I mean, I
don't know too much about it, or if it'd be possible for
freenetbut it might be worth looking in to.
Also just wanna add that I fully support the desire to help
On Wednesday 30 August 2006 22:35, inverse wrote:
> beyond harvesting the connected IP addresses to raid their owner's
> homes, one big concern with encrypted protocols is that they can be
> filtered out by application-level scanning firewalls. I think this is
> exactly what's happening in China.
Matthew Toseland wrote:
Well on the most trivial level, 0.5 doesn't work in china.
yo,
beyond harvesting the connected IP addresses to raid their owner's
homes, one big concern with encrypted protocols is that they can be
filtered out by application-level scanning firewalls. I think this i
Well on the most trivial level, 0.5 doesn't work in china.
On Wed, Aug 30, 2006 at 08:51:32PM +0200, Ortwin Regel wrote:
> It wasn't safe enough, though, I suppose.
>
> On 30 Aug 2006 03:27:04 -, [EMAIL PROTECTED] <
> [EMAIL PROTECTED]> wrote:
> >
> >On Tue, 29 Aug 2006 22:01:06 +0100, you wr
It wasn't safe enough, though, I suppose.On 30 Aug 2006 03:27:04 -, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
On Tue, 29 Aug 2006 22:01:06 +0100, you wrote:>> Freenet 0.5 had opennet, and yet it was a failure.>Ok, I gotta know this. How is 0.5 considered a failure. I use it daily andit wor
On Tue, 29 Aug 2006 22:01:06 +0100, you wrote:
>
> Freenet 0.5 had opennet, and yet it was a failure.
>
Ok, I gotta know this. How is 0.5 considered a failure. I use it daily and
it works flawlessly, Frost messages flow as well as ever, as do downloads of
splitfiles. Yesterday I retrieved a free
On Tue, 29 Aug 2006 22:01:06 +0100, you wrote:
>
> Freenet 0.5 had opennet, and yet it was a failure.
>
Ok, I gotta know this. How is 0.5 considered a failure. I use it daily and
it works flawlessly, Frost messages flow as well as ever, as do downloads of
splitfiles. Yesterday I retrieved a free
36 matches
Mail list logo