On Sun, May 05, 2013 at 04:18:56PM +0300, George Kadianakis wrote: > tor-admin <[email protected]> writes: > > > On Sunday 05 May 2013 14:50:51 George Kadianakis wrote: > >> It would be interesting to learn which ports they currently whitelist, > >> except from the usual HTTP/HTTPS. > >> > >> I also wonder if they just block based on TCP port, or whether they > >> also have DPI heuristics. > >> > >> On the Tor side, it seems like we should start looking into #7875: > >> https://trac.torproject.org/projects/tor/ticket/7875 > >> _______________________________________________ > > I am wondering if here is there a way for a user to ask bridgedb for a > > bridge > > with a specific port? > > _______________________________________________ > > tor-dev mailing list > > [email protected] > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev > > If I remember correctly BridgeDB tries (in a best-effort manner) to > give users bridges that are listening on port 443. Obfuscated bridges > that bind on 443 are not very common (because of #7875) so I guess > that not many obfuscated bridges on 443 are given out. > > In any case, I don't think that a user can explicitly ask BridgeDB for > a bridge on a specific port, but this might be a useful feature > request (especially if this "filtering based on TCP port" tactic > continues).
This may be a good feature to have, in general, but it does not sound like this will solve the current problem in Iran. The last report says they're whitelisting ports *and* protocols[1]. So even if a user attempts to use obfs3 on port 443 it'll likely be blocked because obfs3 is not a look-like-https protocol. If we had a PT that encapsulated obfs3 inside the body of http then this may work. CDA also says SSL/TLS connections are throttled to 5% of the normal speed [2], so that's no fun either. [1] https://twitter.com/CDA/status/331006059923795968 [2] https://twitter.com/CDA/status/331040305648369664 _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
