Encrypted Traffic in Egypt
An attempt to understand
Ahmed Mekkawy
CEO | Founder
Spirula Systems
About the Presenter
● Founder and CEO of Spirula Systems.
● Co-founder of OpenEgypt.
● Free Software Foundation (FSF) member.
● Independent consultant at MCIT.
● Advisory board member at Mushtarak TechHub.
● One of the authors of the Egyptian national FOSS adoption strategy.
Scope of this Presentation
● Facts by me: authenticity not proven
● Online screenshots
● Facts by OONI
● My conclusion
Part I: The Story
HTTPS MITM attempt
OpenVPN & PPTP
● Throttling
● Blockage
OpenVPN / UDP1194 – May 20th
● Server: No logs
● Client:
May 20 08:48:27 localhost NetworkManager[1109]: <info> VPN connection 'vpn2' (Connect) reply received.
May 20 08:48:28 localhost nm-openvpn[5705]: Control Channel Authentication: using '/path/to/ta.key' as a OpenVPN static key file
May 20 08:48:28 localhost nm-openvpn[5705]: UDPv4 link local: [undef]
May 20 08:48:28 localhost nm-openvpn[5705]: UDPv4 link remote: [AF_INET]VPN_IP:1194
May 20 08:48:28 localhost nm-openvpn[5705]: TLS Error: cannot locate HMAC in incoming packet from [AF_INET]VPN_IP:1194
May 20 08:49:07 localhost NetworkManager[1109]: <warn> VPN connection 'vpn2' (IP Config Get) timeout exceeded.
...
May 20 08:48:58 localhost nm-openvpn[5705]: message repeated 4 times: [ TLS Error: cannot locate HMAC in incoming packet from [AF_INET]VPN_IP:1194]
May 20 08:49:07 localhost nm-openvpn[5705]: SIGTERM[hard,] received, process exiting
OpenVPN / UDP53 – May 20th
● Server: No logs
● Client:
May 20 08:58:51 localhost NetworkManager[1109]: <info> VPN connection 'vpn2' (Connect) reply received.
May 20 08:58:51 localhost nm-openvpn[5897]: Control Channel Authentication: using '/path/to/ta.key' as a OpenVPN static key file
May 20 08:58:51 localhost nm-openvpn[5897]: UDPv4 link local: [undef]
May 20 08:58:51 localhost nm-openvpn[5897]: UDPv4 link remote: [AF_INET]VPN_IP:53
May 20 08:58:51 localhost nm-openvpn[5897]: TLS Error: cannot locate HMAC in incoming packet from [AF_INET]VPN_IP:53
May 20 08:59:31 localhost NetworkManager[1109]: <warn> VPN connection 'vpn2' (IP Config Get) timeout exceeded.
...
May 20 08:59:21 localhost nm-openvpn[5897]: message repeated 4 times: [ TLS Error: cannot locate HMAC in incoming packet from [AF_INET]VPN_IP:53]
May 20 08:59:31 localhost nm-openvpn[5897]: SIGTERM[hard,] received, process exiting
OpenVPN / TCP443 – May 20th
● Server: No logs
● Client:
May 20 08:52:54 localhost nm-openvpn[5791]: Attempting to establish TCP connection with [AF_INET]VPN_IP:1194 [nonblock]
May 20 08:52:55 localhost nm-openvpn[5791]: TCP connection established with [AF_INET]VPN_IP:1194
May 20 08:52:55 localhost nm-openvpn[5791]: TCPv4_CLIENT link local: [undef]
May 20 08:52:55 localhost nm-openvpn[5791]: TCPv4_CLIENT link remote: [AF_INET]VPN_IP:1194
May 20 08:52:55 localhost nm-openvpn[5791]: Connection reset, restarting [0]
May 20 08:52:55 localhost nm-openvpn[5791]: SIGUSR1[soft,connection-reset] received, process restarting
OpenVPN / TCP8000 – May 20th
● Client and Server logs normal
● Connectivity within the tunnel:
$ ping -c 10 vpn2
--- vpn2 ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9014ms
rtt min/avg/max/mdev = 94.359/96.217/99.897/1.902 ms
$ ping -c 10 10.8.0.5
PING 10.8.0.5 (10.8.0.5) 56(84) bytes of data.
--- 10.8.0.5 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 8999ms
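An added example, not part of the presentation: a small Python triage of the client-side symptoms shown in the OpenVPN slides above, run over log lines and ping summaries copied from those slides. The function names and verdict labels are assumptions made for illustration.

```python
import re

# Sample input: client log lines copied from the slides above
# (VPN_IP is the slides' own placeholder).
SAMPLE_LOG = """\
May 20 08:48:28 localhost nm-openvpn[5705]: UDPv4 link remote: [AF_INET]VPN_IP:1194
May 20 08:48:28 localhost nm-openvpn[5705]: TLS Error: cannot locate HMAC in incoming packet from [AF_INET]VPN_IP:1194
May 20 08:48:58 localhost nm-openvpn[5705]: message repeated 4 times: [ TLS Error: cannot locate HMAC in incoming packet from [AF_INET]VPN_IP:1194]
May 20 08:49:07 localhost nm-openvpn[5705]: SIGTERM[hard,] received, process exiting
May 20 08:52:55 localhost nm-openvpn[5791]: TCP connection established with [AF_INET]VPN_IP:1194
May 20 08:52:55 localhost nm-openvpn[5791]: TCPv4_CLIENT link remote: [AF_INET]VPN_IP:1194
May 20 08:52:55 localhost nm-openvpn[5791]: Connection reset, restarting [0]
"""

# Sample input: ping summaries copied from the TCP8000 slide.
SAMPLE_PING = """\
--- vpn2 ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9014ms
--- 10.8.0.5 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 8999ms
"""

ENTRY = re.compile(r"nm-openvpn\[(\d+)\]: (.*)$")
REPEAT = re.compile(r"^message repeated (\d+) times: \[\s*(.*)\]$")
REMOTE = re.compile(r"^(UDPv4|TCPv4_CLIENT) link remote: \[AF_INET\]\S+:(\d+)$")
PING = re.compile(r"^--- (\S+) ping statistics ---\n"
                  r"\d+ packets transmitted, \d+ received, (\d+)% packet loss", re.M)
# tls-auth (ta.key) is in use, so every control packet must carry an HMAC;
# this error means a packet arrived from the remote address without one.
HMAC_ERR = "TLS Error: cannot locate HMAC in incoming packet"


def verdict(s):
    """Hypothetical labels for the symptoms shown on the slides."""
    if s["proto"] == "udp" and s["hmac_errors"]:
        return "udp-replies-fail-tls-auth"
    if s["proto"] == "tcp" and s["established"] and s["reset"]:
        return "tcp-reset-after-connect"
    return "no-signature"


def classify_sessions(log_text):
    """Group nm-openvpn lines by PID and label each connection attempt."""
    sessions = {}
    for line in log_text.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue  # NetworkManager or unrelated lines
        pid, msg = int(m.group(1)), m.group(2)
        s = sessions.setdefault(pid, {"proto": None, "port": None,
                                      "hmac_errors": 0, "established": False,
                                      "reset": False})
        count = 1
        rep = REPEAT.match(msg)
        if rep:  # syslog collapsed identical lines; add the repeat count
            count, msg = int(rep.group(1)), rep.group(2)
        remote = REMOTE.match(msg)
        if remote:
            s["proto"] = "udp" if remote.group(1) == "UDPv4" else "tcp"
            s["port"] = int(remote.group(2))
        elif msg.startswith(HMAC_ERR):
            s["hmac_errors"] += count
        elif msg.startswith("TCP connection established"):
            s["established"] = True
        elif msg.startswith("Connection reset"):
            s["reset"] = True
    for s in sessions.values():
        s["verdict"] = verdict(s)
    return sessions


def ping_loss(text):
    """Map each pinged host to its packet-loss percentage."""
    return {host: int(loss) for host, loss in PING.findall(text)}


if __name__ == "__main__":
    for pid, s in classify_sessions(SAMPLE_LOG).items():
        print(pid, s["proto"], s["port"], s["hmac_errors"], s["verdict"])
    print(ping_loss(SAMPLE_PING))
```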
HTTPS Blockage – Jul 13th
HTTP MITM on Porn websites (!!)
Disclaimer: This is a screenshot from OONI report
Part II: Service Providers
ISPs
ISPs
CAIX
Part III: OONI Report
What is OONI
● Open Observatory of Network Interfaces
● Part of the Tor Project
● Checks a list of URLs provided by Citizen Lab
The Report
Report Highlights
● Media censorship
– Collateral damage
● HTTPS throttling
– Inaccessible URLs
● Attempts to block Tor
● Advertisement and malware injection
– Third party tools (curl) showing injected content
Conclusion
● DPI with MITM capabilities
● Possible daily Big Data analytics to enhance the DPI rules through a certain AI model
● All this is a testing phase
Discussion
Ahmed Mekkawy
mekkawy@spiru.la
