On Thu, Aug 31, 2006 at 06:01:45PM +0400, Roman V. Isaev wrote: > On 08/31, Matthew Toseland wrote: > > > > Have you thought about that ignoring reset packets thing that was > > > > shown to make it possible to bypass The Great Firewall? I mean, I > > > > don't know too much about it, or if it'd be possible for > > > > freenet....but it might be worth looking in to. > > > That would involve platform-specific code, there's no way to do that in > > > java. > > It's unnecessary anyway because it only applies to TCP. It does however > > tell us something very interesting and useful: The firewall is stateless !! > > They pick up forbidden keywords on a packet and then send a reset > > packet, they don't even delete later packets on the same connection > > because *they don't track connections at all* ! > > But they will do that, sooner or later. It's just a matter of time. Another > chunk of money for Cisco I guess...
The interesting thing is you can connect to IRC and discuss forbidden keywords... Also that study is curious because I heard they block the whole page, rather than just interrupt it in the middle... -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/support/attachments/20060831/5e6e18ee/attachment.pgp>
