top | item 10330476

(no title)

rsy96 | 10 years ago

How is this different from a VPN over UDP, like OpenVPN or Cisco Anyconnect?

discuss

fenesiistvan|10 years ago

In some countries all VPN is blocked (so the ISP will simple block the stream if standard VPN headers are detected).

These kind of tunnels allows custom, obfuscated protocols.

A010|10 years ago

> It's useful to avoid Internet restrictions

It's used to bypass DPI where known VPN softwares are already filtered.

eps|10 years ago

How many providers have DPI filtering for select apps on unauthenticated connections? Exactly zero.

PinguTS|10 years ago

Exactly, that was my first thought. I have an OpenVPN endpoint on different ports over UDP and TCP available.

My experience is, that UDP is also blocked like TCP. The only possible work around is then IP over DNS, which works but with very very limited bandwidth.

noselasd|10 years ago

On cellular networks, my experience is that everything on port 53 is hijacked and shipped off to a telco DNS server though.

fenesiistvan|10 years ago

> The only possible work around is then IP over DNS

What about tunnel over HTTP? That can be much better obfuscated. Tunnel over DNS can be easily filtered out by just checking for the traffic amount (for example to block VoIP the ISP should just degrade DNS if traffic amount is above a treshold for a user)

unknown|10 years ago

[deleted]

callesgg|10 years ago

It is easier to hack and make small changes i presume.