New VPN Blocking Technology in China?
VPNBook, now offer free VPN connections via port 53 – to bypass the Great Firewall of China.
VPN’s using PPTP (Windows 7/Vista) are pretty dire in security terms; look up dnsleaktest to justify that statement. Many VPN providers don’t care that their VPN leaks the DNS of windows machines.
Make sure you install OpenVPN – to prevent DNS leakage, especially if you’re in a hostile environment – and that can be the UK with the Piratebay court order, or China.
Operate from a non VPN identified port – ie for OpenVPN do NOT use port 1194. Use port 80 – OpenVPN allows us to dual port – run a webserver on the same port as we use for a VPN, to mask access.
Yesterday’s Guardian Technology reported the PRC has deployed VPN-blocking technology as part of its Great Firewall. Apart from an alleged email from VPN firm Astrill, there’s no evidence of this, but something is happening. Initially it was those using corporate networks that reported the problem back in May 2011, while the home users were largely unaffected. This could well have been a strategy to compile a list of non-corporate VPN users.
I believe the PRC has merely applied their existing IP address blacklist to known VPN providers, rather than using a protocol-based filter, and that a given VPN service will remain reachable until it’s discovered. In other words, someone at the border gateway is searching for VPN providers and manually blocking them. The real test of this is whether VPN gateways within China, where TCP scanning is distributed across regional data centres, are reachable.