Crypt-2's signature

[houmie]

Hi mate,

I hope all is well. Sadly OpenVPN with Crypt-2 is no longer safe from DPI scans as it used to be.
They can't block it entirely like IKEv2, hence a working connection can still be established for a short while. However after a few minutes the connection simply disconnects.

I'm not sure how they manage that. Each time it takes them a few minutes to recognise the packet signature first and then they disrupt it.

I was wondering if you have any suggestion about what I could do in the settings to circumvent that.

The only other alternative I can think of right now is to use the XOR patch and see if that works combined with Crypt-v2.

P.S. Your gmail address is not working anymore, right? Feel free to drop me your new email, if you like.

Best Regards,
H.

[TinCanTech]

It is not possible to completely encrypt an IP packet; there is the ethernet header, which is physical device to device and there is the IP header, which is source to destination. No matter what you do, these cannot be obscured in anyway, otherwise the packet would be invalid and dropped.

If a packet is so well encrypted that it cannot be matched by any other means then it will be filtered by these public fields and there is nothing that can be done about it.

I'm sorry to have to say this but it is corrupt government to blame. The idea of government is to represent the people, the reality of government is that it predates upon the very people it was created to defend. The world is broken,

My email is on every commit, it's not hard to find.