[HN Gopher] Hippotat: IP over HTTP
___________________________________________________________________
Hippotat: IP over HTTP
Author : AndrewDucker
Score : 35 points
Date : 2022-11-25 18:53 UTC (4 hours ago)
(HTM) web link (diziet.dreamwidth.org)
(TXT) w3m dump (diziet.dreamwidth.org)
| bragr wrote:
| If port 443 is open and you can connect to SSH, why not just use
| an SSH SOCKS proxy? This is neat in principle, I'm just not sure
| who it helps or why it's better. I suppose this helps if someone
| is doing deep inspection on their portal traffic, but is anyone
| doing that?
| tailspin2019 wrote:
| > I suppose this helps if someone is doing deep inspection on
| their portal traffic, but is anyone doing that?
|
| China is doing that to their entire population
| barathr wrote:
| Soonish there's going to be a standardized way to do this, via
| CONNECT-IP:
|
| https://github.com/ietf-wg-masque/draft-ietf-masque-connect-...
| amaccuish wrote:
| Why not use the openconnect vpn server, ocserv? [0]
|
| It opportunistically uses DTLS over UDP where it can, but falls
| back to plain TLS over TCP where not. And I mean real TLS, not
| the sort-of-TLS that OpenVPN uses.
|
| [0] https://ocserv.gitlab.io/www/index.html
| derhuerst wrote:
| related: chisel [1] does TCP over HTTP
|
| [1] https://github.com/jpillora/chisel
| fsiefken wrote:
| nice, reminds of IP over DNS https://github.com/yarrick/iodine
| andrew-ld wrote:
| if traffic passes under tls shouldn't it be possible to figure
| out the content or type of content transmitted/received,
| shouldn't just an ip over tls be enough?
| hackernudes wrote:
| Nice. My approach when faced with a https inspecting (mitm) proxy
| that did not support "http connect" requests was to do ssh over
| websocket.
___________________________________________________________________
(page generated 2022-11-25 23:00 UTC)