I have a VPS and until now have been using a socks5 server on it.
The problem is that recently my ISP (I live in Iran) has figured out some way to interrupt it and I'm receiving the "blocked page" for websites which are censored even through the proxy service. I know in some way that the problem isn't with the VPS, it's located in Germany and when used with other ISPs there's no problem.
What is causing the problem? Isn't the socks5 connection secure? What are the alternatives?
Socks handshake is transparent and easy to detect(3 bytes static data). A DPI can monitor the packet data to detect the socks connection. To evade the detection you may need to customize the handshake by changing the original socks protocol both at client and server. By default, the client initiates the connection with these bytes(if no auth)
0x05, 0x01, 0x00
5 define the socks version, 1 represents the no of methods, 0 the method type One quick hack is to change the client to send
0x05, 0x03, 0x00, 0x00, 0x00
Now the signature gets changed and DPI may fail to detect. (Here we says there are 3 methods, but we send redundant method, so no changes required at the server)
well, an ISP knows if you have a tcp or udp connection, it might look into the packets and then knows if the connection is encrypted or not.
an ISP (which wants to disturb such encrypted connections) might start dropping packets. depending on the amount of dropped packets the connection then either dies or feels reaaaaaally slow and sluggish (coz tcp would have to reask the server to resend the (dropped) missing packets).
to find out if your ISP drops packets you have to use something like wireshark might help you in detecting what is going on ( http://wiki.wireshark.org/PacketLoss ).
as mentioned in my comments to your question you might want to try putty. if this channel has connection problems caused by your ISP as well: bad luck. if putty / ssh works you might want to setup a SOCKS-proxy through ssh and see if that helps.
http://martinjr.net/2010/06/29/quick-and-easy-socks5-ssh-tunnel-set-up-with-putty/
I encountered the same issue as you mentioned and I found that the problems lies with the DNS server of your ISP.
I used my VPS to ping the server I wanted to access and I checked the IP that I am getting from the ping I am doing on my computer and they are completely different.
So I simply added that ip to my hosts file and viola! Done.
I didn't try and change the DNS servers on my network settings though. Thought it was too hassle
