iran
ZioPRoTo (Saverio Proto)
zioproto at gmail.com
Mon Jan 2 21:37:39 CET 2012
Hello Siavash,
first of all good luck, because in the last hours Iran is on the
headline of most newspapers. Looks like some kind of war could be very
soon.
I don't know if you are aware of the Telecomix project
http://telecomix.org/
check out their website. They are hackers who provide constantly
updated solution to bypass Internet censorships. Contact them if you
are in trouble with this stuff.
Also the Tor project might be interesting to you
https://www.torproject.org/
I know Tor is being updated to bypass the Iranian filters contantly.
I think that any information you have you could deliver to the TOR team.
regards
Saverio
2012/1/2 Siavash Sameni <siavash.sameni at gmail.com>:
> Hey everyone ,
> I'm using tinc from iran , and i've been using tinc with tcponly for a few
> years now , to bypass the filtering , and have access to the free internet ,
> but recently , our government started to apply some sort of exotic filtering
> scheme , they've completely blocked outgoing and incoming ssh requests , and
> ssl encrypted packets , and the only thing allowed is https !! , which gives
> you full speed (like 200K/s ) for trusted websites lets say gmail , and
> around 3-7 KB/s , for non trusted websites , let's say CIA website .
> the only vpn that somehow works at the moment is IP-IP tunnel , which
> doesn't have no encryption , and thus , for instance ssh , inside of the ip
> ip tunnel doesn't work .
> at the moment tinc , still works , but as soon as there is some traffic on
> the tunnel (more than 1KB/s ) it starts to behave weird, and for instance ,
> ssh over it will have hiccups .
> my idea is right now this , maybe there is a way to mark packets as
> something known (read it http or ftp) for the layer 7 packet analyzer on the
> way , so it'd give full bandwidth , and doesn't drop the connection .
> because in the past we had sort of the same situation , they've limited the
> connection speed of SSH , but if we used an LSH client (which had a
> different signature) the problem was not existence no more , the performance
> was great .
> or maybe if i can change the cipher , or the encryption algorithm , it'd be
> perfect .
> for my line of work , not being able to use ssh , mean that , i cannot
> possibly work ,
> at the moment , i have three ways to do ssh ,
> 1. shell in a box .
> 2. tinc with the performance of few hundred bytes a second
> 3. vpnc in an ipip tunnel !!! with variable performance .
> anyhelp would be appreciated .
> sorry for that it's not really related to tinc itself , but if tinc could be
> used , i'd appreciate it the most :)
> thank you.
>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
More information about the tinc
mailing list