[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Had a great idea just thought I'd put it out there...



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

It appears they are scanning entire packets at a time for efficiency.
What about using extremely small packets? The smaller packets are the
smaller the the data surface is the harder it would make it for them
to accurately detect the protocol.

I know there's that bug in the state-less firewalls that mucks up
there pattern matching if the packets are cut up into 160 byte chunks.
also I've heard UDP packets are fragmented if they are bigger than
1400 bytes, and are only marked as arrived if the operating system
manages to get all fragments I dont know if TCP does the same. So I
assume 1400 byte packets are more likely to arrive across the network,
the down side is I imagine it would probably be quite slow sending
only 1K at a time.

~Shadowman

~TheMindwareGroup
TheMindwareGroup@xxxxxxxxx PGP: 0xf4b6586f
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJS8+PuAAoJEKcLVST0tlhvv5wH/RTjMGfMDH6VJbMspJl/V7ja
a2+wAm3fARuAOH2lOxsOSJ4xYh8mrChJGdPfZ7E5OF343NmSl8QPRd0rAI8hkDTc
9EpwVelgHx7iawAV8fbsH43oscwS2h8RC72opUPV+uVTTaQ9vHa7qnScCQ/jKPAb
E3n4vgRNO/V+WDWRI806ny8VufgUwUr9rxjBrbEbSEpWI8BjMn13eKJey/dRzI9K
Axf64rCikIVNo8z4S1ggkWI3wbjoNHDnCt4XQ/Vv/piF0JlCgZqlZ8NZKoLKgHKA
dSwgvFzAa5TxpmlKfk04iBFr7ORAGtrNQHqRox3SasuJSeepAHi4EW7RXv3Fm00=
=cAZ7
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk