Internet Censorship

From FemWiki
Revision as of 20:42, 4 August 2024 by Astolfo (talk | contribs) (Marked this version for translation)
Jump to navigation Jump to search
Other languages:

As we all know, there's all sorts of censorship online. This page is focused on the censorship enforced by governments or ISPs(Internet Service Provider) to block websites. Nothing in this post has been tested on apple products as they're unusable garbage.

Methods

IP Address Based Filtering

This method is pretty simple, IP addresses associated with the website get banned. This method is not commonly used due to IPv4 addresses being shared in a lot of cases.

DNS Level Filtering

A DNS server simply gives you the IP address of a website. Without a DNS server, your computer can't understand where to connect. In this method, ISP's DNS server refuses to give you the correct IP address of a website.

Deep Packet Inspection

The most intrusive and hard to bypass in all methods. ISPs inspect your web requests and do the filtering based on the SNI. More on that later.

How to test what filtering method your ISP uses

If your ISP does IP based filtering(which is pretty unlikely), you can't do much about it except using proxies. In other scenarios, you can check for DNS level filtering very easily, see the bypass section below. DPI is way harder but we'll get to that. To see what filtering system they use, first test the DNS filtering bypass method. If it doesn't work, it's DPI.

Bypassing the filters

Proxies/VPNs

This method might be the most known of all. Everyone knows how to download a free VPN and use it. However, this method is not recommended since almost all of those VPNs are insecure and slow. If you have a trusted VPN or proxy service, you can use that. I won't give any names since I don't know any.

DNS Changing

To evade DNS based filtering, you can change your DNS address or even better, use DNS over HTTPS. Cloudflare's DNS servers are pretty good. Their address is 1.1.1.1(one.one.one.one for DoH). There is no standard way to change your DNS servers so you'll have to check online for your operating system or browser.

DPI Bypassing

This part is the most complicated by far. You can use some programs to trick your ISP to allow your packets. This method is hard compared to others so be prepared to spend a few hours at worst but it pays off. There is no silver bullet for this method. Each setting changes from ISP to ISP, meaning you'll have to experiment with it if you're unlucky. Let's start with some tools. Some of these tools have prebuilt settings that will most likely work.

GoodbyeDPI (Windows)

This is the most useful tool for Windows. You can download it and use 2_any_country_dnsredir.cmd. GoodbyeDPI also has premade settings that you can try by editing the .cmd file. At line 7 you can change the number at the end. It can be anything from 1 to 9. Try them all and see if they work.

PowerTunnel (Windows/Linux/Android)

This might be the least working program of all. It's pretty simple to use and doesn't have a lot to offer compared to the alternatives. Works on my machine™.

SpoofDPI (Linux)

Even simpler than PowerTunnel, this either just works or not. Give it a try, it'll take less than 2 minutes.

ByeDPI (Android/Linux/Windows)

ByeDPI is a pretty simple program but doesn't have any premade settings. Android one is pretty easy to use but on computers it can be complicated.

DPI Tunnel (Android)

By far the best solution for android. Offers stuff like an auto tester and multiple profiles. However this program requires root access. If you don't know what that means, you can't run it.

Important notes

There are some important things you should keep in mind for your own safety and convenience.

  • Do NOT install a certificate authority(CA) if you don't know what you're doing!
  • Generally, stay away from random VPN services. If you absolutely must use a VPN, choose something well known.
Retrieved from "https://wiki.femboy.group/index.php?title=Internet_Censorship&oldid=42"