Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

A standard VPN doesn't try to hide, and will look like a VPN to the ISP: all packets contain encrypted material, destination doesn't vary, etc. This is what I mean by "unobfuscated", and this would be easy for an ISP to throttle.

One can imagine ways to tunnel VPN traffic over ISP-approved traffic, but that arrangement might have other drawbacks.



DNS tunneling is essentially unblockable if implemented well, but slow due to the large overhead.


Okay, sorry, thought you meant unobfuscated as in unencrypted.

Yes, you could tunnel VPN traffic over an HTTPS connection. I have built VPNs using ppp over ssh tunnelling before, and that works fine.


Putting it over HTTPS won't necessarily stop them. The caveat mentioned in the article is that they won't track your HTTPS web browsing. But they can still slow it to a crawl if they don't like you doing it.


No worries! Actually I wonder if just tunneling over TLS would be enough if the ISP were determined. I mean, after they see me pushing and pulling GBs from the same host for an hour, they might just GET it themselves. If they see a "how to configure your VPN" page, that address could go on a slow-list.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: