nanog mailing list archives
Re: Iran blocking essentially all encyrpted protocols
From: Richard Barnes <richard.barnes () gmail com>
Date: Sat, 11 Feb 2012 13:50:10 -0800
FWIW: A colleague in Iran was able to connect to a server in the US using HTTPS on a non-standard port (9999). It appears that the Iranian government is not blocking TLS/HTTPS per se, but just port 443. So in principle, if there were just some HTTPS proxies using non-standard ports, then people would be able to get out. At least until (1) the addresses of the proxies become known to the regime, or (2) they start blocking cross-border TLS altogether. --Richard On Fri, Feb 10, 2012 at 12:07 PM, Marshall Eubanks <marshall.eubanks () gmail com> wrote:
And in response http://www.forbes.com/sites/andygreenberg/2012/02/10/as-iran-cracks-down-online-tor-tests-undetectable-encrypted-connections/ (quoting) : “Basically, say you want to look like an XMPP chat instead of SSL,” he writes to me, referring to a protocol for instant messaging as the decoy for the encrypted SSL communications. “Obfsproxy should start up, you choose XMPP, and obfsproxy should emulate XMPP to the point where even a sophisticated [deep packet inspection] device cannot find anything suspicious.” Regards Marshall On Fri, Feb 10, 2012 at 2:03 PM, Shahab Vahabzadeh <sh.vahabzadeh () gmail com> wrote:Yes I am from Iran and outgoing TCP/443 has been stoped ;) -- Regards, Shahab Vahabzadeh, Network Engineer and System Administrator PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81 C2EE 76A2 46C2 5367 BF90 On Feb 10, 2012, at 9:56 PM, Ryan Malayter <malayter () gmail com> wrote:Haven't seen this come through on NANOG yet: http://arstechnica.com/tech-policy/news/2012/02/iran-reportedly-blocking-encrypted-internet-traffic.ars Can anyone with the ability confirm that TCP/443 traffic from Iran has stopped?
Current thread:
- Iran blocking essentially all encyrpted protocols Ryan Malayter (Feb 10)
- Re: Iran blocking essentially all encyrpted protocols Donald Eastlake (Feb 10)
- Re: Iran blocking essentially all encyrpted protocols Jay Ashworth (Feb 10)
- Re: Iran blocking essentially all encyrpted protocols James Smith (Feb 10)
- Re: Iran blocking essentially all encyrpted protocols Shahab Vahabzadeh (Feb 10)
- Re: Iran blocking essentially all encyrpted protocols Marshall Eubanks (Feb 10)
- Re: Iran blocking essentially all encyrpted protocols Shahab Vahabzadeh (Feb 11)
- Re: Iran blocking essentially all encyrpted protocols Richard Barnes (Feb 11)
- Re: Iran blocking essentially all encyrpted protocols Alan Clegg (Feb 11)
- Re: Iran blocking essentially all encyrpted protocols Marshall Eubanks (Feb 10)