Re: [tor-talk] News from Iran
Wow, that surprises me. I know that Syria blocks it with firewalls, and that Syria often seems to take their cues from what Iran does. -Andrew On Oct 4, 2012, at 12:22 AM, and...@torproject.is wrote: On Wed, Oct 03, 2012 at 05:41:05PM -0400, and...@pdqvpn.com wrote 1.0K bytes in 34 lines about: : IPsec is trivially easy to block. Most countries do it at the edge with simple port based firewalls. Yes, but not sure they actually block it. As of 6 months ago, china ignored ipsec. -- Andrew http://tpo.is/contact pgp 0x6B4D6475 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
On Thu, Oct 4, 2012 at 5:22 AM, and...@torproject.is wrote: On Wed, Oct 03, 2012 at 05:41:05PM -0400, and...@pdqvpn.com wrote 1.0K bytes in 34 lines about: : IPsec is trivially easy to block. Most countries do it at the edge with simple port based firewalls. Yes, but not sure they actually block it. As of 6 months ago, china ignored ipsec. IPSec was blocked in Ethiopia a few months ago, as far as I know. I wouldn't be surprised if China is blocking it as well. -- Runa A. Sandvik ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 NotDashEscaped: You need GnuPG to verify this message Just a quick note on China and IPsec. Less than a month or so, I know and confirmed that a certain company inside China still uses Cisco IPsec to communicate with their outside division (EU). I can't name the company here but it is a big one. I worked on that project a while ago and checked recently with a colleague which confirmed me that the tunnel is sill in operation. The question now is if it has ties with the government for that kind of services or not. (bribe, influence, that I don't know). Thanks! David and...@torproject.is: On Wed, Oct 03, 2012 at 05:41:05PM -0400, and...@pdqvpn.com wrote 1.0K bytes in 34 lines about: : IPsec is trivially easy to block. Most countries do it at the edge with simple port based firewalls. Yes, but not sure they actually block it. As of 6 months ago, china ignored ipsec. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCgAGBQJQbZLEAAoJEELoaioR9I02rxQH/0UrC+KCnd7+P7jJsHJJ1RNk 914JKiwV5+A4OPryvbTqmpnmvwqTughPqYTAHQSFYLP9lo2oS1I7YWA61JRiVQUR sjG2R1hBYrTfKAPXO6vASGHHOsnnES5NWa86kEHzQvUh6KFdDx9OtrqF8F/S/Btr VGMess1zYdQb4qvvTs3r+pgP3TDMIpeqREsN12gZ+NQ3crkDQF6rUixpbp2lf8i1 Vw8KrPec+ov7/JNMITvaL4bSM1nnnvjAq8F4cqkHslgS/cYNEbcG5JcuYAN+YXng agskgi+eEzmfr8XMHWd354SXhVnMpM4m1ihrE+Gh6ExZfMzpt2qw58q3mz9rtgk= =fqcl -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
IPsec is trivially easy to block. Most countries do it at the edge with simple port based firewalls. SSL VPN/Tor/Stunnel/OpenSSH are all better options then IPsec to beat filtering at the moment. With that said I am not sure if Iran blocks IPsec, but I'd be surprised if they didn't. -Andrew On Sep 23, 2012, at 6:19 PM, HardKor wrote: Hello, I just read in an online newspaper that Iran will block Google (and Youtube) very soon. The article also say that the whole network will be disconnected from the internet soon. Does any one have more detailed informations about what's going on over threre ? HardKor 5845 16EB 0589 B89A 5E6E 98DE 74F5 F875 6D34 45F9 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
Karsten, This was the fifth explanation for the blocking in as many days. Iran has blocked YouTube permanently since the June 2009 election. It is important to note, however, that Iran has begun DNS injection today at the DCI gateway (AS12880) for the requests on at least youtube.com. Pastebin: http://pastebin.com/VNDEJReP http://pastebin.com/VNDEJReP Also, my paper on the weird use of 10.0.0.0/8 addresses within the country, which now has to be updated after only twenty-four hours... arxiv.org/abs/1209.6398 Cordially, Collin On Mon, Oct 1, 2012 at 10:23 AM, Karsten N. k...@awxcnx.de wrote: We wanted to block YouTube, and Gmail was also blocked, which was involuntary. (Iran's telecommunications ministry committee) http://www.bbc.com/news/technology-19784409 Karsten N. On 10/01/2012 10:06 AM, Collin Anderson wrote: Just a notice, it appears that the rules blocking SSL to the IPs in Google/Gmail's DNS round robin have been removed for the two international gateways, outages are still occurring because a few of the local ISPs decided to get clever and filter it themselves. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 10/02/2012 04:12 PM, Collin Anderson wrote: Karsten, This was the fifth explanation for the blocking in as many days. Iran has blocked YouTube permanently since the June 2009 election. It is important to note, however, that Iran has begun DNS injection today at the DCI gateway (AS12880) for the requests on at least youtube.com. Pastebin: http://pastebin.com/VNDEJReP http://pastebin.com/VNDEJReP Also, my paper on the weird use of 10.0.0.0/8 addresses within the country, which now has to be updated after only twenty-four hours... arxiv.org/abs/1209.6398 Cordially, Collin Perhaps people can get around this by using their own internal resolvers and/or ipsec tunnels? Are ipsec tunnels legal there? Perhaps a good case for a darknet inside Iran? - -- Larry Brower, CCNA Fedora Ambassador - North America Fedora Quality Assurance lbro...@fedoraproject.org http://www.fedoraproject.org/ -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJQa2/oAAoJEPXCUD/44PWqOtgQAJqZE0DjDmDfYeb3AiQZC+rY 6STgpl3nErfK7muyY2V4ONgHp1QMXolHv3GiW8hEYDxgZrgInobKF/+iAATLWa73 OtEGt2l6TyjSCCU4RYl4Zv1LDuUmVHsTZl03f4Msp9Z0JAE6NiGDASgPlWy34qrd /Ce0uCCkP7COfWXfICwlTL5oxcBKTuA7IvkcjzVF+9eG3I8nApPIA50hXHNgYs0f F1qWHNvxA6LMueVJV/x5y3Jt+RwdkpXvP0X9yoSZRwT3xwRQC5g++vE4h2esLIln WhE6yXZmu1wOXNwJchPE+Wgb72w9mmOQR8/XxT9cRCbx7wOTTI24XfXqmgd5yOXN Z+MnESpYksIpu4oHhwHGom+PzKr/GM93fKI38JvxBXmaftF10vCcg8HeUhcxnXSB nzBnnBqU/xmWGrLLoTHC4qL4B2BDuNZWzNFzSYosaezuBmJqmTDA5FrBzPwbGOTP cCJIPm0vSlH6QuBKzcKAxGjJIORLHf9kCE2rbtXsGUQgnhpIhIPrynEjCtKDq9+M cl2vS7alEPm+hKnR1c//0GtSxkiZUh1Fpj++cW/F2Bp4k3i635dVBSj9eR0qj+zW dAGOWYc+K0Cz6v0/fahEABMATi4Ft/wZTY6nWXLTVPW1xjGtXWfO3RPurjlMpSON OJ6CVrb7uvJSZDHFzLx+ =pxqJ -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
Just a notice, it appears that the rules blocking SSL to the IPs in Google/Gmail's DNS round robin have been removed for the two international gateways, outages are still occurring because a few of the local ISPs decided to get clever and filter it themselves. On Mon, Sep 24, 2012 at 6:29 AM, Mansour Moufid mansourmou...@gmail.comwrote: On 2012-09-24, at 2:10 AM, Runa A. Sandvik wrote: On Sun, Sep 23, 2012 at 11:36 PM, SiNA Rabbani s...@redteam.io wrote: Next phase is to do the same with the entire population of Iran. It is hard for me to imagine the Internet getting completely shutdown. I suspect they will make SSL traffic very slow to a point that users would give up and look for other alternatives Isn't this something they have been doing for a while? Apparently VPNs were made illegal, but I don't think that was enforced. Personally, I wish I had to go to the other side of the planet to find this kind of thing. Bell, a Canadian ISP, does it too. Not SSL but VPN and other traffic their DPI can't identify, is steadily throttled down to zero. OTOH, Rogers, the only other ISP, has always messed with DNS. Iran must be doing this with Canadian tech -- it sounds so familiar. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
On Sun, Sep 23, 2012 at 11:36 PM, SiNA Rabbani s...@redteam.io wrote: Next phase is to do the same with the entire population of Iran. It is hard for me to imagine the Internet getting completely shutdown. I suspect they will make SSL traffic very slow to a point that users would give up and look for other alternatives Isn't this something they have been doing for a while? -- Runa A. Sandvik ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
On 2012-09-24, at 2:10 AM, Runa A. Sandvik wrote: On Sun, Sep 23, 2012 at 11:36 PM, SiNA Rabbani s...@redteam.io wrote: Next phase is to do the same with the entire population of Iran. It is hard for me to imagine the Internet getting completely shutdown. I suspect they will make SSL traffic very slow to a point that users would give up and look for other alternatives Isn't this something they have been doing for a while? Apparently VPNs were made illegal, but I don't think that was enforced. Personally, I wish I had to go to the other side of the planet to find this kind of thing. Bell, a Canadian ISP, does it too. Not SSL but VPN and other traffic their DPI can't identify, is steadily throttled down to zero. OTOH, Rogers, the only other ISP, has always messed with DNS. Iran must be doing this with Canadian tech -- it sounds so familiar. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
Rogers, the only other ISP, has always messed with DNS. Better that than messing with VPN traffic (or general Bit-torrent traffic) I'm pretty happy with Rogers to date though I worry about potential changes to Canadian legislation to bring it in-line with American MAFIAA rules. I'd certainly have some questions to ask Bell if they ever come up with a low enough cost option to make me consider switching (though I'm not sure I'd get straight answers!) On 2012-09-24 06:29, Mansour Moufid wrote: Apparently VPNs were made illegal, but I don't think that was enforced. Personally, I wish I had to go to the other side of the planet to find this kind of thing. Bell, a Canadian ISP, does it too. Not SSL but VPN and other traffic their DPI can't identify, is steadily throttled down to zero. OTOH, Rogers, the only other ISP, has always messed with DNS. Iran must be doing this with Canadian tech -- it sounds so familiar. -- Regards ... Alec (buralex@gmail WinLiveMess - alec.m.burgess@skype) ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] News from Iran
Hello, I just read in an online newspaper that Iran will block Google (and Youtube) very soon. The article also say that the whole network will be disconnected from the internet soon. Does any one have more detailed informations about what's going on over threre ? HardKor 5845 16EB 0589 B89A 5E6E 98DE 74F5 F875 6D34 45F9 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
Finally after years of waiting we will get to see what a so called Halal Internet looks like. So far they have completed Phase One which is to disconnect all the governmental entities from Gmail and other foreign services. Next phase is to do the same with the entire population of Iran. It is hard for me to imagine the Internet getting completely shutdown. I suspect they will make SSL traffic very slow to a point that users would give up and look for other alternatives Today, Iran started to block Gmail at different ISP and cities all over Iran. The head of the unit that is in charge of blocking said that Because of the release of an anti-islam videos about prophet Muhammad on Youtube, which is owned by Google, *The People* have asked for these sites to be blocked! So we have decided to Block Google and Gmail service until further notice. --SiNA On 09/23/2012 03:19 PM, HardKor wrote: Hello, I just read in an online newspaper that Iran will block Google (and Youtube) very soon. The article also say that the whole network will be disconnected from the internet soon. Does any one have more detailed informations about what's going on over threre ? HardKor 5845 16EB 0589 B89A 5E6E 98DE 74F5 F875 6D34 45F9 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
To be historically accurate, Youtube has been blocked in Iran for at least three years. Last week, I had compiled a list of open HTTP proxies within country, and iterating requests for Google, Gmail, and Youtube now, everything appears to be the way they have been for some time. Somewhat relatedly, this week, I will be posting a working paper to arXiv on how Iran has set up a hidden Internet using RFC 10/8 IP addresses. On Sun, Sep 23, 2012 at 6:36 PM, SiNA Rabbani s...@redteam.io wrote: Finally after years of waiting we will get to see what a so called Halal Internet looks like. So far they have completed Phase One which is to disconnect all the governmental entities from Gmail and other foreign services. Next phase is to do the same with the entire population of Iran. It is hard for me to imagine the Internet getting completely shutdown. I suspect they will make SSL traffic very slow to a point that users would give up and look for other alternatives Today, Iran started to block Gmail at different ISP and cities all over Iran. The head of the unit that is in charge of blocking said that Because of the release of an anti-islam videos about prophet Muhammad on Youtube, which is owned by Google, *The People* have asked for these sites to be blocked! So we have decided to Block Google and Gmail service until further notice. --SiNA On 09/23/2012 03:19 PM, HardKor wrote: Hello, I just read in an online newspaper that Iran will block Google (and Youtube) very soon. The article also say that the whole network will be disconnected from the internet soon. Does any one have more detailed informations about what's going on over threre ? HardKor 5845 16EB 0589 B89A 5E6E 98DE 74F5 F875 6D34 45F9 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
They won't be online much after the EMP :) -- CTS MASTERING, affordable and professional mixing and mastering: http://www.ctsmastering.com Twitter: https://twitter.com/#!/CTSMASTERING BLOG: www.ctsmastering.com/blog Linked In: http://ca.linkedin.com/pub/chris-smart/46/824/536 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
:/ On Sep 23, 2012 6:10 PM, Chris Smart csma...@cogeco.ca wrote: They won't be online much after the EMP :) --** CTS MASTERING, affordable and professional mixing and mastering: http://www.ctsmastering.com Twitter: https://twitter.com/#!/**CTSMASTERINGhttps://twitter.com/#!/CTSMASTERING BLOG: www.ctsmastering.com/blog Linked In: http://ca.linkedin.com/pub/**chris-smart/46/824/536http://ca.linkedin.com/pub/chris-smart/46/824/536 __**_ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talkhttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
I spoke too soon, my host that routes through the DCI (AS12880) is unable to access Google sites through SSL. HTTP seems to still work though. On Sun, Sep 23, 2012 at 9:04 PM, Chris Smart csma...@cogeco.ca wrote: They won't be online much after the EMP :) --** CTS MASTERING, affordable and professional mixing and mastering: http://www.ctsmastering.com Twitter: https://twitter.com/#!/**CTSMASTERINGhttps://twitter.com/#!/CTSMASTERING BLOG: www.ctsmastering.com/blog Linked In: http://ca.linkedin.com/pub/**chris-smart/46/824/536http://ca.linkedin.com/pub/chris-smart/46/824/536 __**_ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talkhttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
Apologies for flooding, Pastebin: http://pastebin.com/xbeQcVNa On Sun, Sep 23, 2012 at 9:39 PM, Collin Anderson col...@averysmallbird.comwrote: I spoke too soon, my host that routes through the DCI (AS12880) is unable to access Google sites through SSL. HTTP seems to still work though. On Sun, Sep 23, 2012 at 9:04 PM, Chris Smart csma...@cogeco.ca wrote: They won't be online much after the EMP :) --** CTS MASTERING, affordable and professional mixing and mastering: http://www.ctsmastering.com Twitter: https://twitter.com/#!/**CTSMASTERINGhttps://twitter.com/#!/CTSMASTERING BLOG: www.ctsmastering.com/blog Linked In: http://ca.linkedin.com/pub/**chris-smart/46/824/536http://ca.linkedin.com/pub/chris-smart/46/824/536 __**_ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talkhttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C. -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk