|
|
|
|
|
|
by yegle
3591 days ago
|
|
|
China's Internet been an Intranet means GFW don't need to be precise in recognizing traffic flows. A little false positive is fine. Some examples:
- Dropping GRE packet so PPTP VPN is not possible
- Send TCP RST to both end when a connection to dport=22 generated too much traffic Also from my understanding, it's not that hard to use some basic machine learning techniques to classify the traffic. That's the reason why Tor project developed obfsproxy to obfuscate the traffic flow. |
|
|