On Thu, Aug 31, 2006 at 06:01:45PM +0400, Roman V. Isaev wrote:
> On 08/31, Matthew Toseland wrote:
> > > > Have you thought about that ignoring reset packets thing that was
> > > > shown to make it possible to bypass The Great Firewall? I mean, I
> > > > don't know too much about it, or if it'd be possible for
> > > > freenet....but it might be worth looking in to.
> > > That would involve platform-specific code, there's no way to do that in 
> > > java.
> > It's unnecessary anyway because it only applies to TCP. It does however
> > tell us something very interesting and useful: The firewall is stateless !!
> > They pick up forbidden keywords on a packet and then send a reset
> > packet, they don't even delete later packets on the same connection
> > because *they don't track connections at all* !
> But they will do that, sooner or later. It's just a matter of time. Another
> chunk of money for Cisco I guess...

The interesting thing is you can connect to IRC and discuss forbidden
keywords... Also that study is curious because I heard they block the
whole page, rather than just interrupt it in the middle...
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature

Reply via email to