Can my ISP see which VPN protocol I am using?

Yes, probably. Most VPN protocols are not designed to hide the fact that they’re VPN protocols, nor what kind of protocol they are. See for instance this paper which details fingerprinting OpenVPN.

If you run all your traffic through a VPN, the fact that you’re using a VPN is quite easily visible – as all traffic will be destined for a single destination – which is quite unlike normal usage patterns.

If you’re interested in hiding the fact that you’re using a VPN, and what VPN, you should probably look into what’s used in totalitarian states, such as China, which routinely blocks all attempts at VPNs out of China. Tor is one such system.

sso – CAS Protocol ticket sent via GET request

From CWE598 sensitive information should be sent using POST request. Why CAS protocol sends the ticket value using a GET request as illustrated below? Should it be considered safe in this scenario? From the image:

“Set the session cookie and forward the browser back to the application with the service ticket stripped off. This optional step prevents the browser address bar from displaying the ST”

My doubt is: if the browser already sent a GET request including the ticket value in the URL, the ticket could be already logged somewhere or am I wrong?

enter image description here

☑️NEW – New Giveaway : Yunix Protocol (YNX) Airdrop – Apr 2021 | Proxies-free

yunix.jpg

New Giveaway : Yunix Protocol (YNX) Airdrop – Apr 2021

Reward: 25 YNX ($25)
Rate: ⭐️⭐️⭐️⭐️
Focus: Distribution starts after airdrop ends

Bot Airdrop Link:

Airdrop page – (Click Here)

🔹Join our Telegram channel
🔹Join our Telegram group
🔹Follow Facebook
🔹Follow Twitter and Retweet pinned post
🔹Submit BEP20 wallet address on the bot
🔹Also get 12 YNX Tokens for each referral

Note: This airdrop will be distributed in May. Please always remember don’t spend a penny for Airdrops tokens.

Additional Information:
YUNIX Protocol (https://yunix-protocol.info/) (YUNIX) is a decentralized Token built on the Binance Smart Chain network that offers a modularized and modern way to give benefit to all Involved users.

#airdrops #airdrop #giveaway #airdropbot #airdropalert #BSC #ethereum #litecoin #BTC #crypto #bitcoin #ETH #LTC #yunixprotocol #ynx #bsc #Airdrop

c# – How is a Challenge implemented for a game networking protocol?

Working on an authoritative online game using LiteNetLib. I’ve been reading about building a game network protocol and I’m feeling stuck with the “challenge” implementation.

  • The client requests a connection with the server.
  • The server then returns some sort of challenge (that only the client should be able to solve?).
  • The client returns the solution and the server allows the connection.

The first thing that I don’t get is how to have a “pending” connection without accepting it to begin with. With LiteNetLib, this is how the server handles incoming connections:

listener.ConnectionRequestEvent += request =>
{
    if(server.ConnectedPeersCount < 10 /* max connections */)
        request.AcceptIfKey("SomeConnectionKey");
    else
        request.Reject();
};

From the looks of it, the server must decide whether to allow the client or not at this very instant. If I want to send or receive a challenge, I need to accept the connection first don’t I? But that would defeat the point of the challenge implementation.

Is there a resource with an example of how this is done? The article doesn’t really go into detail, and when I google things like “online game protocol challenge request packet” the results aren’t quite related (almost as if the concept was coined by that article).

uri – Drupal and reverse proxy: How to make Drupal aware that it’s protocol is HTTPS?

I have a reverse proxy Docker container in front a Drupal container on a Docker host.

My reverse proxy container is https://hub.docker.com/r/jwilder/nginx-proxy

The public site URL is https://ahora-stage2.dcycleproject.org

When a request is made to https://ahora-stage2.dcycleproject.org, drupal receives the following headers. I ran dpm(Drupal::request()->headers); using devel/php on a backend web interface:

stdClass Object ( (__CLASS__) => SymfonyComponentHttpFoundationHeaderBag (headers:protected) => Array ( (authorization) => Array ( (0) => ) (host) => Array ( (0) => ahora-stage2.dcycleproject.org ) (connection) => Array ( (0) => close ) (x-real-ip) => Array ( (0) => 216.246.250.184 ) (x-forwarded-for) => Array ( (0) => 216.246.250.184 ) (x-forwarded-proto) => Array ( (0) => https ) (x-forwarded-ssl) => Array ( (0) => on ) (x-forwarded-port) => Array ( (0) => 443 ) (content-length) => Array ( (0) => 212 ) (accept) => Array ( (0) => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 ) (content-type) => Array ( (0) => application/x-www-form-urlencoded ) (origin) => Array ( (0) => https://ahora-stage2.dcycleproject.org ) (accept-language) => Array ( (0) => en-ca                 ) (user-agent) => Array ( (0) => Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15 ) (referer) => Array ( (0) => https://ahora-stage2.dcycleproject.org/devel/php ) (accept-encoding) => Array ( (0) => gzip, deflate, br ) (cookie) => Array ( (0) => SESS06c9cc57c2abbd62a4b35358c6967749=zmOe3Gexxxxxxxx7238990ldZb50rMxl35yPOeM ) (x-php-ob-level) => Array ( (0) => 0 ) ) (cacheControl:protected) => Array ( ) ) 

Based on that information, https://x-team.com/blog/base_url-drupal-8/, https://medium.com/@lmakarov/drupal-8-and-reverse-proxies-the-base-url-drama-c5553cbc9a3e, and comments in the settings.php file, I put these custom settings in my Drupal settings.php file:

$settings('reverse_proxy') = TRUE;
$settings('reverse_proxy_addresses') = ('104.236.70.29','216.246.250.184');

Nonetheless, Drupal always keep believing that the protol is HTTP, not HTTPS.

See enclosed image.

enter image description here

I’m wondering how I could set it up so that Drupal understands that it’s behind a reverse proxy and that it’s public URL should be served using the https protocol.

bitcoincore development – problems about update of protocol of bitcoin

I am new to crypto. I want to ask if in the future, bitcoin have a significant protocol update , will there be a recycle of old tokens or an automatic update of the old tokens (perhaps done by wallet software update, just guessing)? What if I hold bitcoin long enough , , will the market price of the bitcoin using old token standard drop to zero since the technology become outdated?

I know some crypto projects are built on bitcoin. So how exactly do these crypto project and bitcoin community and developer deal with these problems. Any help to enlighten me is appreciated! thank you so much.

transactions – Tx Protocol Rules

In the ‘tx messages’ section for protocol rules we have

  1. Each output value, as well as the total, must be in legal money range
  1. For each input, if the referenced output does not exist (e.g. never existed or has already been spent), reject this transaction

If my understanding is correct rule 4 will confirm 0 <= output, sum of outputs <= 21,000,000, and rule 12 is checking that each input is in the UTXO set. I am having a hard time seeing why rule 4 is necessary, it seems like other rules – such as rule 12 – would already invalidate a transaction that was not in legal range. No one could ever have > 21,000,000 bitcoin so there could never be utxo’s for more 21,000,000.

Also, where can I find the code for these checks in the source code.

iphone – Contacts in Favorites: use as default FaceTime audio protocol

When I follow guides for How to Add Contacts to Favorites on iPhone I only get those options:

enter image description here

You see FaceTime audio is missing, but my contact used several FaceTime audio connections with me in the past.

How to use as default FaceTime audio protocol for Favorites in Contacts? I use latest iOS release on iPhone XR.

networking – NFS v4.1 (EFS) protocol architecture – what’s more efficient, open a small file or seek within large file?

I need to store a few million JSON objects on an NFS v4.1 “server” (not really a server, it’s AWS EFS) and then be able to quickly read them back “randomly” (as in “random access”) many times over (write once, read many). The objects are only written once, and more objects may be slowly added over time.

My question is regarding the design of the NFS v4.1 protocol itself:

Is it better to store 10,000,000 files containing one json object each, or one file containing 10,000,000 json objects? Note that in the first solution, objects would be identified by their file name, while in the second solution they would be identified by offset+length coordinates.

Intuitively the later seems more efficient, but it probably really boils down to two questions:

  • Does fseek() cause a network call?
  • Does an append at the end of the file require a file lock?