nanog mailing list archives
Re: ISP/VPN's to China?
From: Adrian Chadd <adrian () creative net au>
Date: Thu, 22 Oct 2009 09:56:04 +0800
On Wed, Oct 21, 2009, Alex Balashov wrote:
I was not aware that tools or techniques to do this are widespread or highly functional in a way that would get them adopted in an Internet access control application of a national scope. Tell me more?
It's been a while since I tinkered with this for fun, but a quick abuse of google gives one relatively useful starting paper: http://ccr.sigcomm.org/online/files/p7-v37n1b-crotti.pdf Now, if you were getting multiple overlapping fingerprints inside a UDP packet stream you may conclude that it is a VPN tunnel of some sort. Just randomly padding the tunnel with a few bytes either side will probably just fuzz the classifier somewhat. Aggregating the packets up into larger packets may fuzz the classification methods but it certainly won't make the traffic look like "something else". It'll likely still stick out as being "different". :) Adrian
Current thread:
- ISP/VPN's to China? ChrisSerafin (Oct 21)
- Re: ISP/VPN's to China? Fred Baker (Oct 21)
- Re: ISP/VPN's to China? Robert Boyle (Oct 21)
- Re: ISP/VPN's to China? Alex Balashov (Oct 21)
- Re: ISP/VPN's to China? Fred Baker (Oct 21)
- Re: ISP/VPN's to China? Alex Balashov (Oct 21)
- Re: ISP/VPN's to China? Adrian Chadd (Oct 21)
- Re: ISP/VPN's to China? Alex Balashov (Oct 21)
- Re: ISP/VPN's to China? Adrian Chadd (Oct 21)
- Re: ISP/VPN's to China? Seth David Schoen (Oct 22)
- Re: ISP/VPN's to China? Fred Baker (Oct 21)
- Re: ISP/VPN's to China? Chris Edwards (Oct 22)
- Re: ISP/VPN's to China? Alex Balashov (Oct 22)
- Re: ISP/VPN's to China? Chris Edwards (Oct 22)
- Re: ISP/VPN's to China? Alexander Harrowell (Oct 22)
- Re: ISP/VPN's to China? tvest (Oct 22)
- Re: ISP/VPN's to China? Robert Boyle (Oct 21)
- Re: ISP/VPN's to China? tvest (Oct 22)
- Re: ISP/VPN's to China? Fred Baker (Oct 21)
- Re: ISP/VPN's to China? tvest (Oct 21)