Client Hello is one of the ways firewalls figure out what site you’re going to in order to block it from memory (its possible I’m getting this confused for a different request). Curious to see the impact of this.
this post was submitted on 04 Oct 2023
52 points (100.0% liked)
Technology
37603 readers
560 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
Some Anti-DPI measures splitting Client Hello to avoid DPI and it works. I guess it would be more easier for average users to avoid DPI with ECH.
I don't quite get what the point is. No matter how good you encrypt the server name, the destination IP address will always be visible. Are there that many webservers sharing the same IP, that this makes a noticeable impact? Am I missing something?
It certainly isn't a silver bullet l, but considering the amount of data that gets served through CDNs like Cloudflare, it should do something.
Yes, especially for simpler/smaller websites there can be hundreds or thousands behind a single IPv4 address.
Or if you have a larger infrastructure provider, use any kind of CDN or "target cloaking" or whatever there could be millions of different hosts on a single publicly visible address. (Or more like multiple shared addresses).