On (13/11/04 12:53), Alexei Roudnev wrote:
I agree with Robert. But if you deal with some super tricked protocols (like SpyPE) and you really want to block VoIP (not show that you comply to regulations, but REALLY block it) - disruption looks as the only real opportunity. For any filterig, I can always create a protocol which will ignore your filters.
no need to create a new protocol, just use an existing one to tunnel the traffic - gre/ip in ip/ipsec/ssl...if someone wants to bypass the filtering badly enough, it is trivial to do and they will likely be willing to put the beefier hardware in place to account for any extra processing overhead. i've also heard of satellite links being used to bypass the filtering...a cheap local phone (or six) can be kept hidden from the authorities for as long as the bribes are paid and/or it doesn't cut too deeply into the ptt's monopoly /joshua -- **** END NANOG CENSORSHIP **** FREE RAS **** FREE WILCO