Using the TTL, we figured out that the censor kicks in at the kth hop. This kth ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		justDankin on Sept 29, 2020 \| parent \| context \| favorite \| on: Identifying Airtel middleboxes that censor HTTPS t... Using the TTL, we figured out that the censor kicks in at the kth hop. This kth box belonged to Airtel. If a box was censoring after Airtel, we would have received a clean response (ICMP timeout) at hop k as well. Of course, the TTL itself can change during the run, but that wouldn't happen for so many cases :)

iso1631 on Sept 29, 2020 [–]

If you used an allowed domain name, did you get TTL expired messages back when using TTL=5/6/7/8?

justDankin on Sept 29, 2020 | [–]

Yes, that was the case

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact