Questions tagged [dpi]

Deep packet inspection

Deep packet inspection (DPI, also called complete packet inspection and information extraction or IX) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions, or defined criteria to decide whether the packet may pass or if it needs to be routed to a different destination, or, for the purpose of collecting statistical information that functions at the Application layer of the OSI (Open Systems Interconnection model).

14 questions

votes

1 answer

Can DPI block websites with ESNI?

I live in a country with censorship and was wondering if it's possible to bypass DPI by just enabling ESNI, DNS over HTTPS and Always HTTPS? If not, what else should I enable to bypass DPI firewall without having to go the VPN route?

firewalls dns dpi

asked Jan 08 '21 at 10:15

daegontaven

votes

2 answers

Analyzing Tor traffic through Deep Packet Inspection?

I've just read about the detecting and blocking of Tor traffic by DPI but now I'm curious about analyzing the data you send over Tor and matching it with your true identity by deep-inspecting the data packets that leave your PC/router. (If that…

privacy anonymity tor surveillance dpi

asked Aug 14 '20 at 09:17

h088bmIuXaskpzJEe3ld

votes

1 answer

Using VPN and hidding this fact from ISP.

My ISP blocked a bunch of networks I need to access. I installed VPS (unix box) outside of my ISP's network and I now can build VPN between my home router and VPS, but I want to hide this fact from my ISP. Here are several approaches and their…

vpn dpi

asked Apr 19 '18 at 23:53

user996142

votes

1 answer

can HPKP certificate pinning disable DPI inspection on firewall?

Is it possible that Firefox and Chrome disable pin validation for users who imported custom root certificates all pinning violations are ignored. What is impact of that? Will browser report any warning?

tls web-browser hpkp dpi

asked Sep 28 '17 at 05:41

user3654268

votes

1 answer

Socket closed depending on data. Am I facing an active firewall? (DPI - Deep Packet Inspection)

Following my troubleshooting of making a TLS connection (See: Testing TLS with openssl), it looks like there might be an active firewall in place. The connection on that port works with nc on both sides (nc -l -p 8883 on the server, nc server.com…

tls firewalls openssl dpi

asked Apr 26 '17 at 00:37

Michael

votes

0 answers

Best way to avoid DPI/tunnel detection?

guys, I live in Russia and that pretty much says it all. I was using a standard self-hosted VPN on a DO droplet, but now I'm afraid that since VPN usage in Russia started to spread like a wildfire after the recent Instagram ban the Russian…

vpn tunneling vps dpi openwrt

asked Mar 14 '22 at 23:56

passingTHROUGH1263

votes

3 answers

How does a NG Firewall do application visibility and classification of TLS traffic without TLS interception and how reliable is this

How Does Application Visibility and Control Work? The application identification (App ID) classification engine and application signature pattern-matching engine operate at Layer 7 and inspect the actual content of the payload for…

web-application dpi ngfw

asked Feb 22 '18 at 09:08

emirjonb

vote

1 answer

Antivirus/DPI Solution with openvpn server

I wish to set up a system that I log into with openVPN on my Raspberry Pi 4. I have already set up an openVPN server with a PKI infrastructure as well as other services that run on the Pi (like pi hole dns + dhcp). The packet forwarding is set up in…

network antivirus openvpn raspberry-pi dpi

asked Feb 25 '20 at 19:27

FalcoGer

vote

1 answer

Can IPsec transport mode prevent DPI by your ISP?

It is well known that ISPs use deep packet inspection to deprioritize certain types of network traffic, such as that belonging to filesharing applications. If ISPs achieve this throttling of traffic by examining the payload of IP datagrams,…

ipsec isp dpi

asked Feb 20 '17 at 18:44

aeb0

votes

4 answers

Disable Encrypted Protocols Through Firewall

In my company, we have two internal domains with a firewall between them. When requesting firewall rules for an application with components on domain A and domain B, I was told that encrypted protocols were not allowed through the firewall. (e.g.…

firewalls decryption tunneling dpi

asked Jan 21 '20 at 05:20

c26c1a28808f39240df780eb8ee34e

votes

1 answer

What kinds of web applications need dynamic packet filtering or deep packet inspection

I have some customers requesting that we put apply DPI or dynamic packet filtering in front of our web server. For the simplicity of my service, I'm feeling like this is over kill. What kinds of web apps really benefit from DPI / DPF as opposed to…

web-application dpi

asked Oct 23 '18 at 16:57

Brad

votes

1 answer

VPN, ISP & deep packet inspection

If I use OpenVPN on port 443 (TCP or UDP), is it possible for my ISP with deep packet inspection to find out VPN usage? If so, what is the alternative?

vpn isp dpi

asked Apr 26 '17 at 13:22

Siavash dst

-1

votes

1 answer

Surveillance by mobile network provider

I am customer of Vodafone Germany as my mobile network provider. After extension of my RED S mobile contract i realized, that the option "Vodafone Secure Net" is enforced by the company without informing me beforehand. After calling the customer…

privacy man-in-the-middle mobile surveillance dpi

asked Sep 27 '18 at 11:42

alex

-1

votes

1 answer

Identifying URL in SSL

http://qosmos.com/products/protocol-support/ state they are able to identify "Video, URL, date, duration, frame rate, +30 other metadata" for Youtube traffic. Duration, Frame Rate and date seems possible. But how do they identify the URL since it is…

network dpi

asked Jan 25 '18 at 19:40

psy