Bridge easily detected by GFW
|Reported by:||hrimfaxi||Owned by:|
|Component:||Core Tor/Tor||Version:||Tor: 0.2.3.5-alpha|
|Severity:||Keywords:||blocking needs-proposal tor-bridge|
|Cc:||asn, runa, rransom, nickm, twilde, phobos, ln5, naif, denver.root@…, eyv@…||Actual Points:|
I tried to setup a bridge relay in USA and access it from China. But it seems their communication can be detected very soon and got filtered by the GFW.
At first I thought it's because the address of my bridge relay got published and leaked to the GFW staffs. But even I set PublishServerDescriptor to 0 in the torrc of bridge the blockade still occurs.
Every bridge relay I setup can only live 1~10 minutes before they got blocked and were no longer accessible in China, used the telnet utility for confirming that.
When the blockade occurs, not only bridges but also normal relays were blocked.
If I change the bridge port (like from 443 to 444) then it can be connected again before the next blockade occurs after 1~10 minutes.
I tried the both stable 0.2.1.x and alpha (0.2.3.5-alpha) release of tor and they were all vulnerable.
Was it a new attack to block tor traffic?
|#4744||GFW probes based on Tor's SSL cipher list||nickm|