New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Why would that be hard? The government controls all telecomm and Internet connections. You can't get to the Internet without going through something the government controls.
That only on paper, in reality things may be significant different. Better ask local peoples what is it in reality.
It's not. There really are countries where all internet traffic is government-controlled.
Do you just like to argue with every fact put before you?
Internet traffic controlled everywhere in every country. Tell me a country where internet traffic not controlled ?
OpenVPN with stunnel.. unless they block SSL 443 (aka. entire HTTPS protocol), blocking this will be impossible. This creates a normal SSL layer above the OpenVPN tunnel to block the DPI systems that are looking for OpenVPN traffic. Refer to: http://serverfault.com/questions/675553/stunnel-vpn-traffic-and-ensure-it-looks-like-ssl-traffic-on-port-443
Unfortunately, not. Typical SSL traffic is way different than what VPN traffic looks like, even if we only consider bursts, number of packets, amount of traffic per average minute, how many endpoints does it have, is it a site at that address, etc.
It is highly unlikely you visit a non-existent site at an IP in a datacenter which offers VPSes and all night you are visiting that site and none other, gigabytes per day. It wont work if they know what they are doing.
That is peculiar. In other cases people would jump at the chance for some free publicity...but you’re not “brave enough”?
Can you PM me the details? I can keep it confidential if you’re insisting on keeping your company details a secret on LET.
[EDIT: Fixed a minor grammatical issue. Sigh.]
It will most probably be possible to tunnel through TXT records in DNS requests via Iodine, but also pretty slow. I used to use that setup in combination with Ziproxy in extreme situations.
I doubt that. The point in censorship is not to block everything and allow only some things, but to block the vast majority of independent or "enemy" views.
If 99% of iranians cannot connect to BBC, then it is fine, the 1% which can are unlikely to be stopped without considerable effort. After all, skyDSL and the like are available in Iran, who can stop them, even more, if they do manage to block effectively the remaining 1%, they will not only get alternative ways to be online, such as connecting to neighboring countries in some ways over 4g, whatever, but also satellite AND share those connections with other people internally, I mean behind the firewall where nothing will help.
You can't identify it based on protocol/port number or signature/name. It would be very hard to tell a difference even for DPI unless it's set to monitor the amount of traffic per each individual. That would take insane resources to contrack every single user thus It works pretty much everywhere.
Nope, but it can be set to count per connection on external IPs.
detect SSL, start counting, after 100 MB block. At 1000 MB hard block, drop packets at firewall level for that IP for a month.
How you to know it? Where you get this information? From newspapers? Are you in Iran? As Iranian talking about internet in Romania..
Sure, but how much resources would it take to do this for 20 million subscribers at the same time? Also this would kill services like VyperVPN which especially targets iran using similar techniques to mask the OpenVPN connection.
Rather than trying to block the 1% with 99% resources, they will focus on 99% with 1% of the resources needed.
That hard to release listen every mobile conversation and control every internet connection
Iranians are educated people, we do not talk about al-shabab or boko haram here, many people think iran is a backward country with stupid people beating their wives. Actually Iranian women are more educated compared to men than in most countries with few exceptions.
But that is irrelevant.
I know how internet came to romania.
First through BBS which offered a line for a few minutes for 1-2 Kbps. The dialup and leased lines costing 1-2 minimal wages around 95, then gradually going below 1 minimum wage towards 2000.
People shared the connection, this is why internet is so cheap here, because many of the network neighbourhoods grew up to become ISPs and competition is fierce, there were networks run by volunteers spanning thousands of subscribers in some areas, even different POPs connected through CB radio across the town, you wouldn't believe the ingenuity of people back then.
I figure iranians can do the same, one guy puts up satellite broadband and gives wi-fi or even UTP lines to houses near, splitting the fee: it starts at 20 Eur a month or maybe lower. They can afford it, so, if the local monopolies are censoring the internet, there are always alternatives, perhaps more expensive, less convenient, but always there to be used and shared int he neighbourhood or over the local loop with VPN behind the firewall.
Exactly my point. Keeping tabs on each connection is possible, that way, at ISP level, they can see connections outside and count each byte, adding destination IP and blocks every 1 GB of data per source IP is not that hard. It may not be cheap, but perfectly doable, if the regime thinks it's stability depends on it.
Many middle east peoples,not too young, got education in Soviet Union previosly where was a best education ever, so not surprises as well.
You're right. There are absolutely no countries in the world where the Internet is blocked or the government spies on its citizens. Even in North Korea, Syria, and Tunisia, there is no monitoring. They just can't do it. Great Firewall of China? A myth.
Thanks for bringing us up to speed.
If you're at LET, and you've at least a few drops in technical knowledge, chances are you know what DNS is :P
Denise
Nancy
Susan
You get all three to do jello shots, then do some round-Robyn. Robyn's always up for it and Nancy just needs two shots to loosen up and start nibbling on Susan's ear.. and we all know Denise is a ho. Wait, what were we talking about, again?
Sure. A blow job is still a job.
@WSS
Correction: General idea of what DNS is
too easy
lmao
There is still a way you may didn't try it, install http proxy on port 80 on your VPS, and then use bitvise with http proxy, check the ssh tunnel and connect it (now you have ssh tunnel on 127.0.0.1:1080), then to also bypass the DNS you can use proxifier and check DNS through shocks proxy.
How can I do that?
Basically I told about bit other things. If you think internet not controlled by govs and special forces in other countries you are wrong
In USA for example - FBI, NSA, DMCA and several others we don;t even know, they control even Torrent traffic and can enter every encrypted connection.
Several EU countries ban VoIP traffic for example, Germany, etc So that questionable about some lands of freedom where no censorship exist. That other myph
Have you tried openvpn with obfsproxy or openvpn with stunnel?
or openvpn with xor patch?
XOR Patch is working. But I do not know how it is done. Can you help?
https://forum.opnsense.org/index.php?topic=3619.0
you need git installed. pkg command won't work on debian or centos
on mac os x, tunnelblick seems to support openvpn xor patch.
on windows, you'll need a seperate openvpn client I guess.
on ios, I doubt there is a client for this.
Not sure if trolling...
I can't believe that Shadowsocks is banned. It's not possible.
Shadowsocks is designed specifically against DPI.
I have to ask if you have actually tried it in Iran.