How to obfuscate VPN usage from ISP in restricted countries?
-
yaweburobe
- Posts: 1
- Joined: Tue Sep 25, 2018 4:12 pm
How to obfuscate VPN usage from ISP in restricted countries?
How to obfuscate VPN usage from ISP in restricted countries?
Re: How to obfuscate VPN usage from ISP in restricted countries?
@OP
If you're talking specifically about the Cryptostorm VPN service, using the ECC instances will help, since (if I have this correct) they encrypt the handshake between client and server, so it cannot be identified as being OpenVPN.
The non-ECC instances cannot do this and so they can be blocked using Deep Packet Inspection devices. Having said that, much of what Cryptostorm does is public and there are other ways to block connections...
If you're talking specifically about the Cryptostorm VPN service, using the ECC instances will help, since (if I have this correct) they encrypt the handshake between client and server, so it cannot be identified as being OpenVPN.
The non-ECC instances cannot do this and so they can be blocked using Deep Packet Inspection devices. Having said that, much of what Cryptostorm does is public and there are other ways to block connections...
Re: How to obfuscate VPN usage from ISP in restricted countries?
Yep, the ECC instances use OpenVPN's --tls-crypt option, which encrypts the TLS handshake and most of the initial OpenVPN handshake packets. But our list of server IPs is public, so it wouldn't be too difficult for someone to block all of those.
Most restrictive countries don't though, simply because they don't know about us.
Most restrictive countries don't though, simply because they don't know about us.