funsec mailing list archives
Punching through The Great Firewall of T-Mobile
From: Jeffrey Walton <noloader () gmail com>
Date: Tue, 10 Jan 2012 14:30:30 -0500
From Steve Bellovin on the Cryptography Mailing List.....
https://grepular.com/Punching_through_The_Great_Firewall_of_TMobile T-Mobile UK are moving towards a mobile network which works (technically) in a very similar manner to the Great Firewall of China. I've been using them for mobile Internet access for over a year now, and recently received a second SIM card. When using this new SIM card for Internet access, I've experienced some very odd network traffic. ... I run my own Linux server, and self-host several services. I use SSL whenever possible. If I connect to my mail submission service with immediate encryption on port 465, T-Mobile instantly sends a spoofed RST TCP packet to both my server and my client in order to disrupt/disconnect the connection. I ran tcpdump on both ends of the connection to verify that this was happening. They also do the same for mail submission port 587. This time, they let you connect, but as soon as you send a STARTTLS command, the RST packets appear, and the connection drops. This isn't just for my mail server, I experienced the same problems using smtp.gmail.com as well. About six weeks ago, somebody else pointed out the same problem on the T-Mobile forums.... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Punching through The Great Firewall of T-Mobile Jeffrey Walton (Jan 10)