iran

Donald Pearson donaldwhpearson at gmail.com
Mon Jan 2 21:26:27 CET 2012 

Check out corkscrew.

http://www.agroman.net/corkscrew/

On Mon, Jan 2, 2012 at 12:42 PM, Siavash Sameni <siavash.sameni at gmail.com>wrote:

> Hey everyone ,
> I'm using tinc from iran , and i've been using tinc with tcponly for a few
> years now , to bypass the filtering , and have access to the free internet
> , but recently , our government started to apply some sort of exotic
> filtering scheme , they've completely blocked outgoing and incoming ssh
> requests , and ssl encrypted packets , and the only thing allowed is https
> !! , which gives you full speed (like 200K/s ) for trusted websites lets
> say gmail , and around 3-7 KB/s , for non trusted websites , let's say CIA
> website .
> the only vpn that somehow works at the moment is IP-IP tunnel , which
> doesn't have no encryption , and thus , for instance ssh , inside of the ip
> ip tunnel doesn't work .
> at the moment tinc , still works , but as soon as there is some traffic on
> the tunnel (more than 1KB/s ) it starts to behave weird, and for instance ,
> ssh over it will have hiccups .
> my idea is right now this , maybe there is a way to mark packets as
> something known (read it http or ftp) for the layer 7 packet analyzer on
> the way , so it'd give full bandwidth , and doesn't drop the connection .
> because in the past we had sort of the same situation , they've limited
> the connection speed of SSH , but if we used an LSH client (which had a
> different signature) the problem was not existence no more , the
> performance was great .
> or maybe if i can change the cipher , or the encryption algorithm , it'd
> be perfect .
> for my line of work , not being able to use ssh , mean that , i cannot
> possibly work ,
> at the moment , i have three ways to do ssh ,
> 1. shell in a box .
> 2. tinc with the performance of few hundred bytes a second
> 3. vpnc in an ipip tunnel !!! with variable performance .
> anyhelp would be appreciated .
> sorry for that it's not really related to tinc itself , but if tinc could
> be used , i'd appreciate it the most :)
> thank you.
>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20120102/2a5fed78/attachment.html>

More information about the tinc mailing list