Getting around deep packet filters?

Discussion in 'Keeping Your Anonymity In Iran' started by Please unblock, Jun 26, 2009.

  1. Iran's Web Spying Aided By Western Technology -

    Apparently deep packet filtering is happening now. As of today, my Tehran friend's ssh tunneling to a server in America no longer works. ssl is blocked. https is blocked. Ideas? Changing ports doesn't work. Tor doesn't work. What do you advise?

    How to get anon-encryption?

    Please help!
  2. none

    (from iran) tor works, freegate works
  3. Encrypt Everything / Learn How To Use TOR, SSL, GPG, OTR/Pidgin

    First, encrypt everything. Use strong passwords ("pass phrases") that use a mixture of letters, numbers, and variable capitalization that are unrelated to your personal details, you never write down anywhere, and never forget.

    Learn how to use TOR, SSL, GPG, OTR/Pidgin.

    Second, many people have raised questions about the details given in the Wall Street Journal's article "Iran's Web Spying Aided By Western Technology", e.g.


    Iran, Traffic Analysis, and Deep Packet Inspection
    Telecoms Helped Iran Spy On the Net; Same Technology Used Here
    Iran Likes DPI Too
    Wikipedia: Deep packet inspection in Iran

    Using TOR, if you can access it, prevents DPI because the traffic between your computer and the entry TOR node is encrypted:


    According to the TOR project, many Iranians are already doing this:


    Even though it uses encryption to transmit packets, TOR does not provide security at either the exit node or the final website. For security, you'll need SSL (https, port 443, other), but this is apparently blocked in Iran.

    There is also
    freegate, which has been brought to its knees this week.

    Browse using Firefox + Torbutton (+ Keyscramble, at least), never Microsoft Explorer. See this comment:

    Even if you are using TOR and possibly HTTPS for browsing, encryption that you control directly, like GPG, is the best. Only send personal communications encrypted using GPG. Distribute your GPG public key and tell people to only send you encrypted messages. Generate cryptographically strong keys of at least length 1024 bits, preferably 2048 bits. Then using the command

    % gpg -ea -r RECIPIENT --output message.txt.gpg message.txt

    all your messages look like the following, and you can use a chain of anonymous remailers to send them securely, as detailed on this site.

    -----BEGIN PGP MESSAGE-----
    Version: GnuPG v1.4.3 (GNU/Linux)
    -----END PGP MESSAGE-----

    Encrypt your hard drives using tools discussed elsewhere on this forum.

    Finally, some references on good practices: How To Communicate Securely in Repressive Environments. And be very careful whom you trust -- read this article at Tehran Bureau as a warning:

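Added example, not part of the original post above: a pre-send check for the armored output of the `gpg -ea` command in post 3. It verifies the armor framing and CRC24 checksum and reports whether the first packet is a public-key encrypted session key, so a file that was never encrypted to a key is caught before it leaves the machine. The function names and sample bytes are constructed for illustration, and the check assumes the armor carries a checksum line, as GnuPG 1.4 output does.

```python
import base64

CRC24_INIT, CRC24_POLY = 0xB704CE, 0x1864CFB  # constants from RFC 4880, section 6.1

def crc24(data: bytes) -> int:
    """Armor checksum as defined by RFC 4880."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF

def armor(payload: bytes) -> str:
    """Wrap raw packets in ASCII armor; used here only to build the sample input."""
    b64 = base64.b64encode(payload).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    check = base64.b64encode(crc24(payload).to_bytes(3, "big")).decode()
    return ("-----BEGIN PGP MESSAGE-----\nVersion: constructed sample\n\n"
            f"{body}\n={check}\n-----END PGP MESSAGE-----\n")

def inspect_armor(text: str) -> dict:
    """Check armor framing and CRC24, then report the type of the first packet."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if (len(lines) < 5 or lines[0] != "-----BEGIN PGP MESSAGE-----"
            or lines[-1] != "-----END PGP MESSAGE-----"):
        raise ValueError("not an armored PGP message")
    blank = lines.index("")              # armor headers end at the first blank line
    body = lines[blank + 1:-1]
    if len(body) < 2 or not body[-1].startswith("="):
        raise ValueError("armor data or checksum line missing")
    payload = base64.b64decode("".join(body[:-1]), validate=True)
    stated = int.from_bytes(base64.b64decode(body[-1][1:], validate=True), "big")
    if not payload or stated != crc24(payload):
        raise ValueError("CRC24 mismatch: armor was damaged or altered")
    first = payload[0]
    # New-format headers (bit 6 set) keep the tag in bits 5-0, old-format in bits 5-2.
    tag = first & 0x3F if first & 0x40 else (first >> 2) & 0x0F
    kinds = {1: "public-key encrypted session key", 3: "passphrase-only session key"}
    return {"headers": lines[1:blank], "tag": tag, "kind": kinds.get(tag, "other")}

# Constructed bytes that only mimic the start of `gpg -e` output; not a real message.
SAMPLE = bytes([0x85, 0x00, 0x10]) + bytes(range(16))

if __name__ == "__main__":
    print(inspect_armor(armor(SAMPLE)))
```

A tag other than 1 means the file was not encrypted to a recipient's public key and should not be sent as if it were.
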
  4. My TOR bridge has barely been used since I put it up almost 10 days ago. I'm concerned the method is perhaps not user friendly enough, or perhaps being blocked at least partially. I'm interested in trying Psiphon - Psi-OPS: Psiphon Open Source | Psiphon
    Anyone using this? Any thoughts on usability compared to TOR?
  5. stillstanding Member

    HTTPS/SSL and Tor still work
  6. Sanity Check that IP Works / Get a New IP / Volunteer Your Bandwidth for a TOR Relay

    Without knowing the details, the best guess is that your IP is blocked. If you still want to help you've got several options:

    1. Sanity check with the folks running the proxy setup that your server is actually working. I believe that there are simple tests for this, and it shouldn't be difficult to find out.

    2. Depending on your internet service, it's easy to call in and request a new IP. Do this, make sure that it works, then send it in to the folks running the proxy setup stuff.

    3. If you are blocked, you can still help. Volunteer your bandwidth as a TOR relay -- it's trivial to set up if you're running TOR. The folks running the proxy setup stuff, or others, ought to provide pointers to people who want to help in this way.

    Also, everyone must realize that anyone running a TOR exit node can sniff the packets for usernames, passwords, and personal information, as has actually happened. Unless you've got a secure SSL (https) connection to your destination, you must assume that all information you type into a TOR network can be intercepted and read. Do you know who is operating your exit node? No. Assume that they're reading your traffic. That's the "cost" of anonymity without encryption.

    Only anonymity with encryption, either from SSL or GPG, can securely protect your information.
  7. Geraldanthro Member
