|
|
|
|
|
|
by grishka
1156 days ago
|
|
|
Russian internet censorship is very simple. They don't seem to be using DPI to target VPN protocols at all, instead trying to block IPs/subnets of known commercial VPN providers. Blocking IPs, subnets, and domains is the primary operating mode of Roskomnadzor. There allegedly is DPI, but it only comes into play as an extra measure against things like domain fronting, proxies, and plaintext HTTP. It'd look at the SNI and inject a RST packet to drop the connection. As it does not even try to implement TCP, analyzing each IP packet in isolation, there are various interesting utilities[1] that mess with it by, for example, splitting the TLS ClientHello into two TCP packets in the middle of the domain name. [1] https://github.com/ValdikSS/GoodbyeDPI |
|
|