Google 'obfsproxy' , it can be used with a self hosted tor relay or openvpn. Make all your net traffic look like http (not HTTPS) cat jpegs. On Jan 5, 2016 5:30 PM, "Josh Reynolds" <j...@kyneticwifi.com> wrote:
> Yup. If you really want to get around VPN blockers, proxies, and things > like ssh tunnels... It's really hard when the person you want to block > controls both ends of the tunnel. > On Jan 4, 2016 3:00 PM, "Eric Kuhnke" <eric.kuh...@gmail.com> wrote: > >> It takes some fairly deep packet inspection to 'block' an openvpn server >> running in TCP mode (not the default UDP) on port 443. I have an openvpn >> instance for just this purpose, in case I get stuck somewhere like a wifi >> captive portal in an airport lounge behind an overly restrictive firewall. >> >> On Mon, Jan 4, 2016 at 12:55 PM, Justin Wilson <li...@mtin.net> wrote: >> >>> >>> http://www.tomshardware.com/answers/id-2084381/blocking-vpn-students-blocked-websites.html >>> >>> >>> >>> Justin Wilson >>> j...@mtin.net >>> >>> --- >>> http://www.mtin.net Owner/CEO >>> xISP Solutions- Consulting – Data Centers - Bandwidth >>> >>> http://www.midwest-ix.com COO/Chairman >>> >>> On Jan 4, 2016, at 3:48 PM, Eric Kuhnke <eric.kuh...@gmail.com> wrote: >>> >>> As an ISP why are you wasting your time 'blocking' anything other than >>> standard ACLs like port 139/windows file sharing? It's not your duty or >>> responsibility. If people want to implement their own firewall at their >>> self-owned router/CPE, let them, or if they want to buy some net nanny >>> software for their end point device, that's their responsibility. >>> >>> An ISP is a* pipe*. >>> >>> On Mon, Jan 4, 2016 at 7:42 AM, Nate Burke <n...@blastcomm.com> wrote: >>> >>>> We're dealing with a customer who is trying to block porn from their >>>> house. The person who has the 'problem' is tech savvy, and is using VPN >>>> Services. Is there any way to block someone like this? I'm guessing any >>>> content filtering wouldn't work because the VPN is terminating on the >>>> computer behind the router. Any sort of IP or DNS Block they would be able >>>> to bypass. Is there any way to stop a tech person from getting what they >>>> want? Right now our only thought is to put in like a 10k/s queue on their >>>> connection during the overnight hours. Other options? >>>> >>> >>> >>> >>