[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Flashproxy alpha bundles



On Thu, Dec 13, 2012 at 06:38:03PM +0000, adrelanos wrote:
> Have you considered Hole punching techniques? [1] TCP, UDP, ICMP hole
> punching... There are many techniques. I don't know if the WebSocket
> protocol would prevent it.
> 
> STUN [2] like techniques where a third non-firewalled server helps to
> traversal the NAT. (Only NAT, not used a proxy.)
> 
> pwnat [3] also looks interesting. It doesn't need a third server and
> lets connect two nat'ed machines with each other.

Better nat punching is on the 'future research' list.

The main challenge is that if you're trying to provide a circumvention
system, then relying on a "reliably reachable third party" is exactly
what you can't do.

Whether these various "look, no hands" punching tools and tricks can be
done using only websockets on the remote side is a great question for
somebody to answer.

See also Jake's NAT investigation tech report at
http://research.torproject.org/techreports.html

(I'm cc'ing Christian Grothoff, as our resident nat punching expert.)

--Roger

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev