New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Ultrasurf/HTTP Tunnel Implementation?
I'm looking for some kind of HTTP Tunnel implementation for my own VPSes similar to Ultrasurf. Ultrasurf is the only bypass I can use on my restrictive network but I don't like how everything passes through their servers. Everything other than HTTP and HTTPS traffic (pretty sure they can tell which kind of traffic it is, not just port outgoing) is blocked, except for tunneling through the corporate proxy.
VPNs, SSH Tunneling and Proxies don't work.
I'm curious if there are any solutions I haven't heard of yet to implement something along the lines of Ultrasurf, which apparently uses Squid HTTPS tunneling, but I'm not totally sure how that works myself.
Comments
I haven't used Ultrasurf, but I'm pretty sure Webmin provides a http tunnel. Or how about using VNC?
you say ssh tunneling doesnt work, but have you tried setting your ssh server port to something unusual; something other then 22.
Tried tunneling to 443, 80 and they all didn't work.
VNC ports are blocked and Webmin port 10000 is also blocked.
Ultrasurf is just like ssh tunneling, maybe you can try to change ssh port to 443.
i believe you dont get blocked by ports..but you get blocked by service.. try stunnel https://www.digitalocean.com/community/articles/how-to-set-up-an-ssl-tunnel-using-stunnel-on-ubuntu
Ultrasurf is certainly not SSH tunneling, it is HTTP tunneling. That is, wrapping packets into HTTP encapsulation.
On the server-side, a 2011 analysis found that the UltraReach network employed squid and ziproxy software, as well as ISC BIND servers bootstrapping for a wider network of open recursive DNS servers, the latter not under UltraReach control. - Wikipedia
As I've said above, I've tried port 443 and port 80, and they simply don't work. The only solution I've encountered that does is Ultrasurf, which uses Encrypted HTTP tunneling.
Have you tried softether?
I will be looking into that.
How about changing port to 8080?
tried all of your ssh tricks with ports. none works. also tried 53 and 21 for anyone wondering.
A risky way of bypassing censorship is to use OpenVPN with obfuscation , with pre-shared key. This would make it hard to add multi-user support, but at least this should work for now.
Shadowsocks is another nice tool, give it a try.
So far I have never saw any report claiming that they have their VNC port blocked...This is quite weird.
I would not recommend PPTP, L2TP, even Cisco IPSec. Not working well for me.
WebVPN via SPDY is something new.
If your VPS provider has IPv6 address, maybe they are not blocked. Get a tunnel to see whether this will work.
Or, if worst comes to worst, try goagent PHP server over SSL(even SPDY). Should this is not working for you, maybe it is better to switch to another IP address.
P.S:
Nice try, GFW. Screwed up the whole Chinese Intranet. Better keep it up, don't let Mr. Fang down.
------In Remembrance of Jan.21.2014, the historical day that one of the largest DNS poisoning affected all the TLDs in People 's Republic of China.
If running Nmap allowed, could you try to scan for open port from the gateway/provider?
I think I'll do that tomorrow.