-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Brandon Wiley wrote: > This is > an interesting method of obfuscation as it seems like it would interfere to > some extent with the three most popular DPI techniques: string matching, > packet lengths, and packet timings. However, like most obfuscation methods > this method seems like it would not be effective once the censor was aware > of the method as they could just add more filtering rules to filter out the > fake packets. I belive (or i hope, only the research will make a definitive answer) Not. because sniffjoke use only plausible packets in the network, exploiting the "ambiguity" that every sniffer found to face, when choose if accept a packets or not as part of the streams under tracking.
so there are not a pattern of "fake packets", also because all the "good" packets are modified too expecting to confound statistical analysis. > I'd like to know more about the details of how sniffjoke works, so please > let me know if you can provide any additional details. > > [1] > http://www.delirandom.net/sniffjoke/sniffjoke-howto-usage/sniffjoke-howto-details sorry, my documentations really sucks :) anyway the evening I've drank a lot of yerba mate, and the sleep deprivation has results in a totally new amount of contents. in logic order: http://www.delirandom.net/sniffjoke/sniffjoke-howto-usage/sniffjoke-how-does-work http://www.delirandom.net/sniffjoke/sniffjoke-howto-usage/ http://www.delirandom.net/sniffjoke/sniffjoke-howto-usage/sniffjoke-locations http://www.delirandom.net/sniffjoke/sniffjoke-howto-usage/sniffjoke-howto-packet-scrambling http://www.delirandom.net/sniffjoke/sniffjoke-howto-usage/sniffjoke-howto-tcp-hacks p.s. sorry for my poor english, I wish the technical information will be understandable beside the grammar damages :P cheers, vecna -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFN00aXuEIJPcZ2VDARAgeCAKDReDl1Sk2/p3a5b3KvubXj1AO9HwCfThsW 0Sg2D86G95LrxgOzezO7qFM= =QbtT -----END PGP SIGNATURE----- _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
