[tor-relays] Port for obfsproxy

George Kadianakis desnacked at riseup.net
Mon Oct 7 21:10:03 UTC 2013


"GDR!" <gdr at gdr.name> writes:

> On 07.10.2013 21:11, dardok wrote:
>> I guess that you misunderstood the concept of obfsproxy. It is useful
>> to obfuscate the communication between a client  within a censorship
>> zone and a tor bridge. The obfsproxy doesn't emulate a HTTP protocol
>> communication, instead it is designed to look random (and the packets
>> are encypted). So if you try to run this service over the HTTP port 80
>> and the packets are random and not looking like a HTTP communication,
>> it will be more suspicious than running this service over any other port.
>
> Thank you. I understood the concept but not the implementation.
>
> "For example, there MIGHT be a HTTP transport which transforms Tor
> traffic to look like regular HTTP traffic."
>
> I missed the "MIGHT" part. Too bad this doesn't exist.

Ha, you caught us! That website sentence is indeed an advertisement
trick!  Obfsproxy does *not* have an HTTP module yet, unfortunately.

The funny thing about HTTP transports is that it's easy to write a
simple but trivially detectable HTTP transport, and quite hard to
write an actually good HTTP transport. We have open tickets for both
ideas and would appreciate coding help:
https://trac.torproject.org/projects/tor/ticket/5625
https://trac.torproject.org/projects/tor/ticket/8676

Also see
https://github.com/sjmurdoch/http-transport/blob/master/design.md
for things to consider when writing your HTTP transport.

(I CC'ed dardok who recently appeared in tor-talk and wanted to
contribute to pluggable transports development.)


More information about the tor-relays mailing list