[LINK] RFI: Dynamic IP-Addresses on Consumer Broadband

[grove at zeta.org.au]

On Fri, 19 Oct 2007, grove at zeta.org.au wrote:

> I was just thinking about this tonight, after seeing Lateline's report
> on the Great Firewall of China and they described China as an Intranet
> with 3 gateways.    So I sort of thought how we do it to get in to work from
> home and rather than using a VPN we just SSH tunnel into various systems and 
> gain access to the Intranet from there.
>
> And then some sort of software was mentioned to "bypass" the Firewall and 
> break out of the Chinese Intranet.   So it is possible that
> the "software" is some sort of SSH tunneling to a web proxy in another
> country and all sorts of port forwarding done, that the Govt filters
> cannot see.   But I am only speculating.

Sorry to reply to myself, but I posted this without the "kicker".
The kicker is that scrambling or resetting the DHCP leases 
makes the port forwarding and tunneling a lot harder.  I suspect
that instead of scanning all the possible ports and addresses
to look for tunnels and then interdicting them, it is far easier
to reset the DHCP leases and this does then make access to services
that are "prohibited" a lot harder to maintain.


rachel

-- 
Rachel Polanskis                 Kingswood, Greater Western Sydney, Australia
grove at zeta.org.au                http://www.zeta.org.au/~grove/grove.html
David Hicks, Nuclear Power, WorkChoices, Reconciliation, Tampa, Iraq, AWB,
Children Overboard, Global Warming.  "Who do you trust?" - John W Howard