是否应当支持ShadowTLS?这个传输层的混淆思路似乎很好 #2875
zhyang-liu
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
简单来说,shadowtls的意思是通过展示一个第三方的证书(比如google/baidu),来蒙混MIM,让他以为我是一个靠谱的网站。
如果MIM真的探测,那么就通过TLS的ClientHello过程中埋入的session id等信息来判断是否符合预定的规则,如果不符合规则就判定为MIM,做一个简单的端口转发(到证书的网站),来蒙混过关。
看起来和vmess的transport层可以天然结合?
Beta Was this translation helpful? Give feedback.
All reactions