Re: How to Blocking VoIP ( H.323) ?

[joshua sahala <jejs () sahala org>]

On (13/11/04 12:53), Alexei Roudnev wrote:
> I agree with Robert. But if you deal with some super tricked protocols (like
> SpyPE) and you really want to block VoIP (not show that you comply to
> regulations, but REALLY block it) - disruption looks as the only real
> opportunity. For any filterig, I can always create a protocol which will
> ignore your filters.

no need to create a new protocol, just use an existing one to tunnel the
traffic - gre/ip in ip/ipsec/ssl...if someone wants to bypass the filtering
badly enough, it is trivial to do and they will likely be willing to put
the beefier hardware in place to account for any extra processing overhead.  

i've also heard of satellite links being used to bypass the filtering...a
cheap local phone (or six) can be kept hidden from the authorities for as
long as the bribes are paid and/or it doesn't cut too deeply into the
ptt's monopoly

/joshua
-- 

            ****    END NANOG CENSORSHIP    **** 
               FREE RAS   ****   FREE WILCO