[HN Gopher] Hippotat: IP over HTTP ___________________________________________________________________ Hippotat: IP over HTTP Author : AndrewDucker Score : 35 points Date : 2022-11-25 18:53 UTC (4 hours ago) (HTM) web link (diziet.dreamwidth.org) (TXT) w3m dump (diziet.dreamwidth.org) | bragr wrote: | If port 443 is open and you can connect to SSH, why not just use | an SSH SOCKS proxy? This is neat in principle, I'm just not sure | who it helps or why it's better. I suppose this helps if someone | is doing deep inspection on their portal traffic, but is anyone | doing that? | tailspin2019 wrote: | > I suppose this helps if someone is doing deep inspection on | their portal traffic, but is anyone doing that? | | China is doing that to their entire population | barathr wrote: | Soonish there's going to be a standardized way to do this, via | CONNECT-IP: | | https://github.com/ietf-wg-masque/draft-ietf-masque-connect-... | amaccuish wrote: | Why not use the openconnect vpn server, ocserv? [0] | | It opportunistically uses DTLS over UDP where it can, but falls | back to plain TLS over TCP where not. And I mean real TLS, not | the sort-of-TLS that OpenVPN uses. | | [0] https://ocserv.gitlab.io/www/index.html | derhuerst wrote: | related: chisel [1] does TCP over HTTP | | [1] https://github.com/jpillora/chisel | fsiefken wrote: | nice, reminds of IP over DNS https://github.com/yarrick/iodine | andrew-ld wrote: | if traffic passes under tls shouldn't it be possible to figure | out the content or type of content transmitted/received, | shouldn't just an ip over tls be enough? | hackernudes wrote: | Nice. My approach when faced with a https inspecting (mitm) proxy | that did not support "http connect" requests was to do ssh over | websocket. ___________________________________________________________________ (page generated 2022-11-25 23:00 UTC)