Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ISP/VPN's to China?

  • From: Adrian Chadd
  • Date: Wed Oct 21 21:56:35 2009 
On Wed, Oct 21, 2009, Alex Balashov wrote:
> I was not aware that tools or techniques to do this are widespread or  
> highly functional in a way that would get them adopted in an Internet  
> access control application of a national scope.
> 
> Tell me more?

It's been a while since I tinkered with this for fun, but a quick abuse
of google gives one relatively useful starting paper:

http://ccr.sigcomm.org/online/files/p7-v37n1b-crotti.pdf

Now, if you were getting multiple overlapping fingerprints inside a
UDP packet stream you may conclude that it is a VPN tunnel of some
sort.

Just randomly padding the tunnel with a few bytes either side will
probably just fuzz the classifier somewhat. Aggregating the packets
up into larger packets may fuzz the classification methods but it
certainly won't make the traffic look like "something else".
It'll likely still stick out as being "different". :)



Adrian


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.