Ultrasurf IPs I have found!
I found this IPs when doing some test to block ultrasurf 13.04 and 14.05
I blocked them with a rule doing reject and an alias.
Now no more ultrasurf from my network (for this versions I suppose).
I think Ultrasurf 14.05 is trying to do a search on google!
I'm capturing packets with wireshark to try to understand what is this!
Maybe a way to get new servers?
If you create some malware which posts a unique string to some website, you can use Google as a known constant & thus communication server as its almost certain Google will spider the website and they now encrypt their main searchs but for some reason dont encrypt Google Scholar but I digress, so get your malware to search for a unique string, visit the google cache to get rest of message which might be posted by another alias on a website's comments or in a thread on some forum.
The ways to communicate in plain site without using encryption algo's are enormous, you just need to think of it.
Ultrasurf contacted Google and asked this url:
So I tried to open it on Google Chrome and view source but can't find anything that says what it is doing.
I suppose Ultrasurf is getting new ip addresses of servers using this way.
So, is google being used by ultrasurf ? Is google aware of this? may this be legal?
I suppose its legal because is Google Mobilizer Service. A service to show an entire website as mobile friendly.
Good trick Ultrareach!