Jump to content

Iran Partially Blocks Encrypted Network Traffic


Recommended Posts

Over the past two days we've been hearing from, and working with, a number of Iranians having difficulty using Tor from inside Iran. It seems the Iranian government has ramped up censorship in three ways: deep packet inspection (dpi) of SSL traffic, selective blocking of IP Address and TCP port combinations, and some keyword filtering. For instance, they have partially blocked access to Tor's website, torproject.org, via IP address (such as and port 443 (which is the HTTPS port). The third level of blocking is by keywords, such as searching for the word 'tor' via regular, non-encrypted search engine websites.

The blocks on SSL are not complete and not nationwide. Where blocking is in place, initial investigations show they are identifying the beginning of the SSL handshake and simply interrupting the handshake. We continue to research and investigate solutions with the assumption that SSL will eventually be blocked nationwide inside Iran. Our goal is to defeat their dpi signatures and allow tor to work by default.

The Iran Media Program has posted their thoughts on what is happening from a journalist's perspective.

So far, it seems the majority of Tor users are not affected by these blocks. Iran is still the #2 country based on direct usage, https://metrics.torproject.org/users.html?graph=direct-users&country=ir#.... This number is on the decline, however.

More details to follow as we have them.

Update 2011-02-10 18:05 UTC: We are working on making our obfuscating proxy more stable and easier to deploy. If you can compile code, following these directions will help. We're also working on Amazon EC2 instances of obfsproxy for point and click deployment.

phobos's blog Email this Blog entry

Source: https://blog.torproject.org/blog/iran-partially-blocks-encrypted-network-traffic

Link to comment
Share on other sites

I hesitate to post this, but IMO we should keep politics away from hak5. Yes it's sad whats happening over there, but the same thing is happening in China and tons of Mid East nations and no one seems to care about those places.

Not to mention if we start talking tech details about Iranian ISP's that is going to attract some not so friendly people around here *points up*.

Edited by bobbyb1980
Link to comment
Share on other sites

Yeah, I am aware of the impact of sharing such piece of information could have on this forum.

I wasn't trying to promote the article but simply to share with other people who may have something to say about it.

As you seemed offended, could I please ask the forum moderator to remove this post.

For those who may dislike or feel offended, my apologies.

Edited by Infiltrator
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...