undefined | Better HN

0 pointssebazzz2mo ago0 comments

I think HTTP web sockets would be an interesting tunneling protocol.

0 comments

Tor has a transport using exactly that.

https://blog.torproject.org/introducing-webtunnel-evading-ce...

You don't need websockets, just Connection: Upgrade to anything you want. You can upgrade directly to ssh protocol and just pass on decrypted data from https socket to local port 22 from then on with no further processing.

ranger_danger2mo ago

Proper DPI can tell that wouldn't be acting like a typical HTTP stream, encrypted or not.

catlifeonmars2mo ago

Hehe true, SSH traffic is so characteristically obvious that the packet size and timing can be used as a side channel to leak information about a session.

Tangential: but I recall reading about a similar technique used on SRTP packets to guess the phonemes being uttered without needing to decrypt the traffic.

1 more reply

megous2mo ago

would not be able to tell from websockets uses

1 more reply

j / k navigate · click thread line to collapse

0 comments

bauruine2mo ago

Tor has a transport using exactly that.

https://blog.torproject.org/introducing-webtunnel-evading-ce...

megous2mo ago

ranger_danger2mo ago

Proper DPI can tell that wouldn't be acting like a typical HTTP stream, encrypted or not.

catlifeonmars2mo ago

Hehe true, SSH traffic is so characteristically obvious that the packet size and timing can be used as a side channel to leak information about a session.

Tangential: but I recall reading about a similar technique used on SRTP packets to guess the phonemes being uttered without needing to decrypt the traffic.

1 more reply

megous2mo ago

would not be able to tell from websockets uses

1 more reply

j / k navigate · click thread line to collapse