0

What's going on in this video?

https://www.youtube.com/watch?v=lXVqdezJf1A

Here, the ISP restricts access to all other sites but one (twitter.com) when the user's account balance is insufficient. In this video, an SSH connection is being used somehow to connect to restricted IP addresses through the ISP's proxy server.

How is all of this working? And what can be done to protect against such attacks / hacks?

chaosifier
  • 133
  • 1
  • 1
  • 5
  • Looks like he's setting up a tunnel to send the http traffic through. `fastssh` creates a tunnel and `http injector` is used to redirect traffic through the tunnel. – Zwans Jan 04 '17 at 12:50
  • I haven't watched the video but this could be a simple DNS-based block (which is enough for 99% of customers which aren't technical) - in this case an SSH tunnel directly to an IP works just fine to get through the block. – André Borie Jan 06 '17 at 16:02

1 Answers1

1

Not sure where you are getting the part about the ISP from? That isn't shown in the video as far as I can see.

What is happening in the video is that the OP is creating an SSH-based VPN for their mobile device. They are then using that as a tunnel to connect to a remote service.

This would allow the OP to bypass specific site restrictions placed on the mobile service - for example, in countries that don't allow access to certain websites.

However, the traffic patterns are possible for the mobile operator to detect using smart pattern analysis and may well be against the terms and conditions of use.

So to prevent that kind of bypass, you need to implement a smart filter. For example Sophos UTM.

Julian Knight
  • 7,092
  • 17
  • 23