[tor-bugs] #4185 [Tor Bridge]: Bridge easily detected by GFW
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Dec 29 13:12:48 UTC 2011
#4185: Bridge easily detected by GFW
------------------------+---------------------------------------------------
Reporter: hrimfaxi | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: unspecified
Component: Tor Bridge | Version: Tor: 0.2.3.5-alpha
Keywords: blocking | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Changes (by naif):
* cc: naif (added)
Comment:
Checked several IP of them, it seems that most of them are dynamic IP
addresses of DSL and PPP running variety of OS, from Windows 2003 with
Terminal Service, Linux with Mysql, cheap home router.
Some questions:
a) After the SSL negotiation, does the GFW probes also send an HTTP
request or just finish the SSL handshake and close it?
b) Does the prober announce a specific/detectable set of SSL/TLS
version/ciphers?
c) Does anyone checked actively with OS fingerprinting tools if the
"prober's OS" can be recognized?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4185#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list