Groups | Search | Server Info | Login | Register
Groups > comp.security.misc > #260
| Newsgroups | comp.security.misc |
|---|---|
| Subject | Re: How to detect a VPN connection? |
| References | <9sds87pm634b4i8vp1s861e0orl1pffstf@4ax.com> |
| From | Doug McIntyre <merlyn@geeks.org> |
| Date | 2011-10-07 00:54 +0000 |
| Message-ID | <4e8e4dc3$0$79796$8046368a@newsreader.iphouse.net> (permalink) |
| Organization | ipHouse - Welcome Home! |
Gilles <nospam@nospam.com> writes: >I just read this article: >"The latest information indicate that now Syria is also following >China and Iran in blocking VPN ports on the internet to limit user >access." >www.stopfundamentalism.com/index.php?option=com_content&task=view&id=1207&Itemid= >How do admins detect VPN connections? Because the TCP/IP packets have >some particular header? FWIW: I was in China in Fall 2010 and had zero problems connecting on any VPN type I tried in 4 different cities within China. Nor did I have any problems in 2004 when I was there as well. Of course, the great firewall did block Facebook and Blogger, but I didn't seem to have problems connecting to many other sites.. But back to the topic, since there are many different VPN technologies, it would take different methods to block each kind. IPSec type connections could be blocked just by blocking protocols 50 & 51. They could block PPTP with blocking port 1723. L2TP over IPSec could be blocked by its port, but it wouldn't work with 50 & 51 blocked anyway. Then they could do much more advanced tactits, like when Iran blocked TOR by looking at the SSL certificates expiration dates, which the TOR network had a pattern (that they've since worked around). That would take some network processing power to look that deep into the protocols..
Back to comp.security.misc | Previous | Next — Previous in thread | Next in thread | Find similar
How to detect a VPN connection? Gilles <nospam@nospam.com> - 2011-10-07 01:21 +0200
Re: How to detect a VPN connection? Barry Margolin <barmar@alum.mit.edu> - 2011-10-06 20:34 -0400
Re: How to detect a VPN connection? Doug McIntyre <merlyn@geeks.org> - 2011-10-07 00:54 +0000
Re: How to detect a VPN connection? Gilles <nospam@nospam.com> - 2011-10-07 12:08 +0200
Re: How to detect a VPN connection? Casper H.S. Dik <Casper.Dik@OrSPaMcle.COM> - 2011-10-07 10:43 +0000
Re: How to detect a VPN connection? Gilles <nospam@nospam.com> - 2011-10-07 20:15 +0200
Re: How to detect a VPN connection? Casper H.S. Dik <Casper.Dik@OrSPaMcle.COM> - 2011-10-07 22:39 +0000
Re: How to detect a VPN connection? Gilles <nospam@nospam.com> - 2011-10-08 02:27 +0200
csiph-web