Comments on: An Eventful Few Weeks in Iran: DNS Tampering, Content-Type Filtering and SSL Blocking on Google http://b.averysmallbird.com/entries/an-eventful-month-in-iran the shifting interests of Collin David Anderson. Sat, 02 Mar 2013 18:54:51 +0000 hourly 1 https://wordpress.org/?v=4.5.2 By: cda http://b.averysmallbird.com/entries/an-eventful-month-in-iran/comment-page-1#comment-1098 Sat, 02 Mar 2013 18:54:51 +0000 http://b.averysmallbird.com/?p=1105#comment-1098 OpenDNS does have a SSL encrypted DNS service, which should solve the problem, but I would suggest that there should be a deeper concern — which is that HTTP proxies will likely be tampered or surveilled, and, even if your proxy connection is secured with a legitimate SSL setup, it is still likely to be throttled. If you have a host for a proxy server, then you should be able to personally run something at least marginally better, if not a Tor bridge, then an OpenVPN service or SSH SOCKS proxy, perhaps?

]]> By: Kevin http://b.averysmallbird.com/entries/an-eventful-month-in-iran/comment-page-1#comment-1097 Fri, 01 Mar 2013 16:33:55 +0000 http://b.averysmallbird.com/?p=1105#comment-1097 Hi, I came across your website through some Googling today. My girlfriend is in Iran right now and I’m trying to get her set up with a way to get around the filter.

I had her using my proxy server and Google’s public DNS, but I came across the same thing you did: DNS requests to blocked websites were still somehow getting interfered with. They’re returning that same IP that you show above: 10.10.34.34.

So, now I see that it’s tampering of the request itself. Now I’m brainstorming how to get around this (without buying VPN anyway)…

I don’t know of any public DNS server that allows secure DNS requests. I suppose I could send her a squid cache of many popular domains, but I don’t know if she could handle setting up squid. Hmmmmm… any ideas?

]]>