←back to thread

81 points josephscott | 2 comments | | HN request time: 0s | source
Show context
tomsonj ◴[] No.42200584[source]
chisel is a similar tool in this space https://github.com/jpillora/chisel

I don’t get why headers and requests need to be spoofed if all traffic is over https?

replies(4): >>42200669 #>>42200828 #>>42201273 #>>42201386 #
Titan2189 ◴[] No.42200669[source]
> I don’t get why headers and requests need to be spoofed if all traffic is over https?

https://en.wikipedia.org/wiki/Deep_packet_inspection

replies(1): >>42200815 #
1. fragmede ◴[] No.42200815[source]
how are they looking inside the packet if it's encrypted?
replies(1): >>42200924 #
2. sodality2 ◴[] No.42200924[source]
DPI doesn't have to decrypt it to make certain guesses about its content. For example, timing information, packet sizes, routing info, etc could lead you to believe it's certain kinds of things (SSH, VPN, etc).