是否应当支持ShadowTLS?这个传输层的混淆思路似乎很好 #2875
zhyang-liu
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
简单来说,shadowtls的意思是通过展示一个第三方的证书(比如google/baidu),来蒙混MIM,让他以为我是一个靠谱的网站。
如果MIM真的探测,那么就通过TLS的ClientHello过程中埋入的session id等信息来判断是否符合预定的规则,如果不符合规则就判定为MIM,做一个简单的端口转发(到证书的网站),来蒙混过关。
看起来和vmess的transport层可以天然结合?
Beta Was this translation helpful? Give feedback.
All reactions