• viking@infosec.pub
    link
    fedilink
    arrow-up
    3
    ·
    10 months ago

    Sort of, they are blocking protocols based on the client-server-handshake. Protocols such as OpenVPN, IKSv2 or WireGuard which have a fixed handshake signature are preemptively blocked. They work occasionally if you are connecting to a previously unknown server, it takes maybe 10-30 min until the signature is identified and the connection killed.

    Other VPN providers are using proprietary (home-made) protocols or at least modified ones that are harder to catch. Again others will use obfuscation to hide the actual handshake in some additional overlay traffic. Paired with UDP, where the server doesn’t send an acknowledgment flag back (as is the case with TCP) gives them some extra reach.

    So far the only VPN that has consistently worked though is Astrill, I’ve switched there from Proton after about 4 months in the country and am using it in the 5th year now.